JP4709323B1 - Conditional reception system and card adapter - Google Patents

Abstract

Provided is a conditional access system that is low-cost and highly reliable by making the most of the functions of a digital television and adding a minimum number of additional devices.
A sending device encrypts paid self-broadcast content with a scramble key, includes the scramble key in a unique ECM, and sends the encrypted broadcast content. When the card adapter 24 mounted between the IC card 26 and the television receiver 21 receives the unique ECM from the television receiver 21, the card adapter 24 extracts the scramble key from the unique ECM and sends it to the television receiver 21. When an ECM other than the original ECM is received, the scramble key transmitted from the IC card 26 to the television receiver 21 is turned on. The transmission device 14 may further transmit data broadcast content including a password for releasing the viewing restriction, a password input screen, viewing restriction, and a BML script for releasing the viewing restriction. In that case, the ticket issuing machine 18 for printing out the password on a form is provided.
[Selection] Figure 1

Description

  The present invention relates to a conditional access system for restricting viewing of broadcast contents in a digital television receiver using an IC card for viewing digital broadcasts, and a card adapter used therefor.

  In facilities such as hotels, paid broadcast contents are provided together with free television broadcast contents. (Hereinafter, television is also simply referred to as television.)

  Conventionally, as pay TV systems for hotels and the like, a system using a dedicated STB (Set Top Box) or a system such as VOD (Video On Demand) has been generally used. When a dedicated STB is used, since two remote controllers, a TV remote controller (hereinafter referred to as a remote controller) and an STB remote controller, are required, various devices are required to improve usability.

  In addition, in order to realize the limited reception function with the dedicated STB, a control function higher than that of the television receiver (television receiver) is required, and it is difficult to reduce the cost.

  On the other hand, the VOD system has the same complexity in the communication network and the purchase setting for limited reception, but more than that, the operation cost is required for updating the content on the transmission side.

  Patent Document 1 proposes a digital broadcast viewing system that makes it possible to provide pay broadcasting with viewing restrictions using data broadcasting to a digital television receiver. This system issues a PET card as a charging medium to a user at a card vending machine. In addition, the pay key content, the intermediate key generation function, the main key generation function, and all the card IDs are included in the BML content of the data broadcast and distributed to each room of the hotel from the headend device having an independent broadcast transmission function. A user who wishes to view paid content purchases a PET card at a card vending machine. In each room, a terminal device having a card reader for a PET card is installed. Each terminal device is connected to a digital television receiver via a LAN, and when information is read from an appropriate PET card, based on the intermediate key data received from the television receiver and the authentication ID data obtained from the PET card. This key data is generated and transmitted to the television receiver. The television receiver collates the real key data received from the terminal device with the real key data generated by itself, and when the two match, after the card ID is authenticated, the viewing restriction is released.

JP 2010-16557 A

Access control method for digital broadcasting Standards ARIB STD-B25 version 5.1, Japan Radio Industry Association

  In the prior art described in Patent Document 1, viewing restriction can be performed using data broadcasting, but a terminal device connected to the television receiver via a LAN is required in each room. Moreover, a PET card is required for each viewer of pay content, and the cost of a card vending machine for selling this PET card also increases.

  In addition, the viewing restriction system using data broadcasting does not encrypt the video and audio streams, and does not comply with ARIB (Association of Radio Industries and Business: see Non-Patent Document 1). ) When a peripheral device and specific software are used, there is a problem that the paid content can be viewed relatively easily.

In other words, such paid content by independent broadcasting is not encrypted (so-called scrambled) in the broadcasting content itself as in the existing digital broadcasting. In the existing digital broadcasting, an individual TV receiver uses a digital broadcast viewing IC card called a B-CAS card, thereby decoding broadcast contents (so-called descrambling). However, such an IC card is not supposed to be compatible with encryption of independent broadcast content. It is conceivable to introduce a CAS system that is separate from the existing B-CAS system in order to encrypt independent broadcast content. However, for this purpose, a redundant CAS system is provided, which is practical in terms of cost. Not.

  The present invention has been made in such a background, and the object of the present invention is to minimize the number of additional devices by making maximum use of the functions of a system and digital television using an existing IC card for viewing digital broadcasting. By adding, it is providing the conditional access system which is low-cost and reliable.

  A conditional access system according to the present invention is a conditional access system for restricting viewing of broadcast content in a digital television receiver using a digital broadcast viewing IC card, wherein the digital broadcast viewing IC card, the digital television receiver, And a sending device for sending broadcast content including at least video and audio. The transmission device encrypts the broadcast content with a predetermined scramble key, includes the scramble key in a unique ECM, and transmits the encrypted broadcast content. The card adapter has a function of identifying whether the ECM received from the digital television receiver is a unique ECM, and extracts the scramble key from the unique ECM when the ECM is the unique ECM. When the ECM is an ECM other than the original ECM, the scramble key transmitted from the IC card to the digital television receiver is turned on.

  Broadcast content that is not encrypted (scrambled) is encrypted with a predetermined scramble key in the transmission device. As a result, unless the cipher is decrypted, it is impossible to view the content illegally with a device such as a PC that does not support the digital broadcasting standard. A card adapter mounted between the digital broadcast viewing IC card and the digital television receiver extracts a scramble key used for decrypting the encrypted broadcast content from the unique ECM and outputs it instead of the IC card. . Thus, the card adapter is responsible for decoding only the broadcast content sent from the sending device. The card adapter has no effect on broadcast content other than the broadcast content transmitted from the transmission device, and it appears as if it does not exist from the IC card.

  As described above, the present invention utilizes the existing IC card and digital TV receiver mechanism when decrypting broadcast content encrypted with a unique scramble key, so that the IC card and the digital TV receiver can be connected to each other. By simply inserting a card adapter, it is possible to reproduce broadcast content without affecting the function of the IC card with a minimum number of additional devices.

  More specifically, the sending device encrypts the unique ECM with a second encryption method different from the first encryption method with which the non-unique ECM is encrypted, and the card adapter uses the second encryption method. The original ECM encrypted in step S1 is decrypted to extract a scramble key, and the extracted scramble key is sent to the digital television receiver.

  The transmission device may include means for generating a plurality of pairs of the scramble key and the unique ECM in time series. The means for generating a plurality of pairs of the scramble key and the unique ECM in time series includes, for example, a storage means for storing a plurality of pairs of the scramble key and the unique ECM, and a predetermined number of the stored pairs. And timing control means for repeatedly reading at the timing.

  The sending device includes, together with the broadcast content, at least a password for viewing the encrypted broadcast content, password input screen configuration data, broadcast content viewing restriction, and BML script for releasing the broadcast content May be sent out. Thereby, the viewing restriction of the broadcast content decrypted by using the card adapter can be realized by the BML script of the data broadcast content.

  The password can be issued to the user with a ticketing machine that prints out a form. When the user wants to view the encrypted broadcast content, the user can input the password based on the processing of the BML script, thereby releasing the viewing restriction on the broadcast content.

  A card adapter according to the present invention is mounted between the digital broadcast viewing IC card and the digital television receiver in a limited reception system for restricting viewing of broadcast content in a digital television receiver using a digital broadcast viewing IC card. A first adapter that selectively conducts / blocks a communication path between the digital broadcast viewing IC card and the digital television receiver, and a complement that is complementary to the first switch. The second switch to be blocked / connected to the communication path between the digital broadcast viewing IC card and the digital television receiver, and identifies whether the ECM received from the digital television receiver is a unique ECM And when the ECM is the original ECM, the original ECM A blue key is extracted and sent to the digital television receiver via the second switch, and when the ECM is an ECM other than the original ECM, the IC card is connected to the IC card via the first switch. Adapter control means for controlling the scramble key transmitted to the digital television receiver to conduct.

  As described above, this card adapter extracts a scramble key used for decrypting the encrypted broadcast content from the original ECM and outputs it instead of the IC card. Thus, the card adapter is responsible for decoding only the broadcast content transmitted from the transmission device.

  The adapter control means can determine whether the ECM is a unique ECM based on whether the ECM received from the digital television receiver can be correctly decoded.

  According to the present invention, the broadcast content which is not scrambled is encrypted while the function of the digital broadcast viewing IC card is utilized to the maximum, and the digital broadcast viewing IC card is connected via the card adapter. By attaching to the digital television receiver, the card adapter can extract the scramble key used for decoding the broadcast content from the original ECM and output it instead of the IC card. Thereby, unauthorized viewing of the broadcast content can be prevented with the minimum addition of components and cost.

  Further, the configuration of the present invention does not affect the CAS card system using an existing IC card. That is, when the broadcast content transmitted from the transmission device is selected, a unique ECM that cannot be decrypted to the IC card and can be decrypted only by the card adapter is output via the television receiver, and the card adapter based on this outputs the scramble key. Is returned to the television receiver, so that there is no adverse effect on the existing CAS system.

  In addition, by using a BML script for data broadcasting, it is possible to easily introduce a billing function associated with charge for broadcasting content by introducing a channel restriction for independent broadcasting and a viewing restriction function using a password. In this way, by combining a password input using data broadcasting and a card adapter for mounting an IC card, the configuration becomes very simple compared to a dedicated STB of a CATV (Cable Television) level, which is necessary for each television receiver. The cost per device (card adapter) can be greatly reduced.

It is a block diagram showing the schematic structure of the whole conditional access system for digital broadcasting in embodiment of this invention. It is a figure which shows the example of an external appearance structure of the card adapter in embodiment of this invention. It is a block diagram showing the internal structure of the sending apparatus shown in FIG. It is a figure which shows the structure of an ECM section. It is a figure for demonstrating the data table which memorize | stored the time series ECM packet and scramble key (ODD / EVEN key) in embodiment of this invention. It is a figure which shows the example of an internal structure of the digital television receiver and card adapter in this Embodiment corresponding to the broadcast receiving system of FIG. It is a figure for demonstrating the operation | movement of the process of ECM and the production | generation of a scramble key in embodiment of this invention. It is a figure for demonstrating the example of a display of the menu screen of the pay channel by BML data by data broadcasting in embodiment of this invention, and the viewing-and-listening limitation process by a BML script. It is a figure which shows the communication sequence between the digital television receiver in embodiment of this invention, a card adapter, and an IC card. It is a figure which shows the other communication sequence between the digital television receiver in embodiment of this invention, a card adapter, and an IC card. It is a flowchart showing the processing flow of the card adapter in embodiment of this invention. It is the flowchart which showed the example of a process performed with the BML script in the data broadcast regarding the pay channel in embodiment of this invention.

  DESCRIPTION OF EXEMPLARY EMBODIMENTS Hereinafter, preferred embodiments of the invention will be described in detail with reference to the drawings.

  FIG. 1 is a block diagram showing a schematic configuration of the entire conditional access system for digital broadcasting in the present embodiment. This conditional access system is a conditional access system that restricts the viewing of specific broadcast content in a digital television receiver using an IC card for digital broadcast viewing, particularly in the following example, broadcast of a specific channel. Here, an example in a hotel hall will be described.

  A broadcast distribution system 10 installed in a management room or the like in a hotel building is connected to a broadcast reception system 20 installed in each guest room via a high-frequency transmission interface such as a coaxial cable.

  The broadcast distribution system 10 informs the user of a pay device for transmitting pay content broadcasted on a specific channel together with a predetermined data broadcast, and a password for viewing the pay broadcast content in exchange for payment. The ticket issuing machine 18, the sending device 14, the control device 16 for controlling the ticket issuing machine 18, the free broadcast content source 11, the RF signal from the free broadcast content source 11 and the RF output from the sending device 14 are mixed to each broadcast. The mixer 12 is configured to transmit to the receiving system 20. Here, the free broadcast content source 11 includes a terrestrial digital broadcast reception antenna 11a, a satellite broadcast reception antenna 11b, and the like.

  The “paid broadcast” in this specification means broadcast on a specific channel (voluntary broadcast) that a facility such as a hotel voluntarily performs for a fee. There are “paid” programs for satellite broadcasting and cable television programs that can be viewed only by subscribers, but such broadcasting is not included in the “paid broadcasting” of the present invention. “Broadcast content” is typically information including video and audio that is sent to viewers using broadcast waves, but may be sent via communication instead of broadcast waves. Good. In addition, “limited reception” in this specification means that the recipients of encrypted self-broadcast content are limited. In the present embodiment, it is necessary for viewing of broadcast content in an existing limited reception system. The use of the card adapter of the present invention separately from the IC card is a viewing condition. In the present embodiment, password determination by a BML script using data broadcasting is also used in combination as a simple measure for restricting viewing of a pay channel in order to charge viewing of independent broadcasting.

  The transmission device 14 includes an terrestrial digital broadcasting SI information transmission function, a BML stream generation function, a video / audio compression function, a video / audio scramble function, an orthogonal frequency division multiplexing (OFDM) modulation function, an RF The up-converter function is implemented. More specifically, the sending device 14 encrypts pay broadcast content compliant with digital terrestrial television broadcasting with a scramble key based on the encryption method, and includes the scramble key in an original ECM (Entitlement Control Message). The encrypted broadcast content is transmitted and the data broadcast content is transmitted. This data broadcast content includes menu screen configuration data for selecting paid broadcast content, a password for canceling the viewing restriction, password input screen configuration data, viewing restriction of the broadcast content, and a BML script for releasing the viewing restriction. BML data to be included. BS broadcast and terrestrial digital broadcast signals are received by the antennas 11a and 11b and sent together with the pay channel signals and the mixer 12 to the hall. The detailed internal configuration of the sending device 14 will be described later.

  The control device 16 is a device for controlling the sending device 14 and the ticket issuing machine 18, and is configured by a PC in this example. Specifically, the password for releasing the viewing restriction given to the ticket issuing machine 18 is updated every day. Simultaneously with the password update, BML (Broadcast Markup Language) data for limited reception is generated, converted into a TS stream file (BML file), and set in the transmission device 14. Generally, TS (Transport Stream) is 188-byte unit fixed-length packet data standardized for use in broadcasting and communication, and usually includes video, audio, and data. The password is transmitted from the control device 16 to the ticket issuing machine 18 via a communication interface such as a LAN and set. A single password per day may be set, but a plurality of passwords may be set in the ticket vending machine 18 and may be output sequentially or randomly. Data broadcasting content including such a password is transmitted from the control device 16 to the transmission device 14 via a communication interface such as a LAN.

  The ticket-issuing machine 18 in this embodiment is an electronic device that receives payment of a user's usage fee by a billing system similar to a vending machine and prints out a 6-digit password on a form that is a printing medium such as a piece of paper. . The ticket issuing machine 18 in the present embodiment is connected to the control device 16 via a communication interface such as a LAN, and receives password setting / updating. It is sufficient that at least one such ticket issuing machine 18 is installed in the hall, but if there are guest rooms on a plurality of floors, at least one may be installed on each floor. As the functions required for the ticket issuing machine 18, a communication function with the control device 16, a storage / update function for the received password, and a printing function for printing the password in a form are sufficient. There is no need for a relatively expensive PET card and its ticket issuing machine as in the prior art, and there is no need for a terminal device equipped with a PET card card reader in each guest room.

  The broadcast receiving system 20 includes a digital television receiver 21 with a remote controller 22, a card adapter 24, and an IC card 26.

  The IC card 26 is an existing digital broadcast viewing IC card called a B-CAS card, and is installed in a digital broadcast receiver (digital television receiver) and encrypted (scrambled) broadcast content. Can be viewed. The B-CAS card is a contact type IC card in which its ID number and master key are stored.

  The card adapter 24 is an adapter device provided by the present invention that is mounted between such a digital broadcast viewing IC card and a digital television receiver (television main body). More specifically, the card adapter 24 has a function of identifying whether or not the ECM received from the digital television receiver is a unique ECM. When receiving the unique ECM, the card adapter 24 extracts the scramble key from the unique ECM and performs digital processing. When the ECM other than the original ECM (non-unique ECM) is received and transmitted to the television receiver, the scramble key transmitted from the IC card 26 to the digital television receiver 21 is turned on. A specific configuration example of the card adapter 24 will be described later.

  The RF signal transmitted from the broadcast distribution system 10 is received by the television receiver 21 in each guest room. The user can use the remote controller 22 to select a normal television broadcast (non-independent broadcast) channel and an independent broadcast channel (paid channel). As the remote control, the remote control 22 of the television receiver can be used as it is, and the usability is improved. In addition, a pay channel menu using data broadcasting can be selected by channel selection using the remote controller 22 as in the case of an existing television receiver.

  The free digital broadcast channel is encrypted (scrambled) by an encryption method called MULTI2 and the encryption key (scramble key) can be taken from the IC card 26. In the present embodiment, when a user purchases a pay channel, the scramble key can be fetched from the card adapter 24 instead of the IC card 26 and the broadcast content can be decrypted (descrambled). However, viewing restrictions are separately applied to the broadcast content of the pay channel by the BML script received by data broadcasting, and the password needs to be input by the user to cancel it.

  In FIG. 2, the example of an external appearance structure of the card adapter 24 in this Embodiment is shown. The card adapter 24 in this example is similar to the adapter main body 24a having a slot 24g for accommodating the IC card 26 and a circuit board (not shown) on which electronic components constituting a necessary circuit are mounted, and the digital television receiver 21. And a card-like connecting member 24d mounted in the slot 21a. Originally, the IC card 26 is directly mounted in the slot 21 a, but in the present invention, the IC card 26 is mounted on the digital television receiver 21 via the card adapter 24. The power is supplied to the adapter main body 24a through a power cable 24f with a plug that can be connected to a power outlet. The card-like connecting member 24d and the adapter main body 24a are connected to each other by a cable 24b. In this example, a connector 24c is attached to the cable 24b, and is connected to the card-like connecting member 24d via this connector. However, the connector 24c is not essential, and the cable 24b may be directly attached to the card-like connecting member 24d. The same electrical contact 24e is formed at the same location as the IC card 26 in the card-like connection member 24d. A configuration in which the cable 24b is eliminated by directly connecting the card-like connecting member 24d to the adapter main body 24a may be employed.

  FIG. 3 is a block diagram showing the internal configuration of the sending device 14. The sending device 14 mainly has two functions of sending a BML stream and original encryption and sending of a video / audio stream.

  The transmission device 14 includes a terrestrial digital broadcast SI information generation unit 140, a BML stream generation unit 141, a video / audio encoder 142, a unique ECM packet generation unit 143, a scramble key generation unit 144, a timing control unit 145, a multiplexer 146, and a scrambler 147. , An OFDM modulator 148, and an RF upconverter 149.

  The terrestrial digital broadcast SI information generation unit 140 is a circuit that generates SI information (additional information) such as PAT, PMT, SDT, BIT, TOT, and NIT necessary for terrestrial digital broadcast. Such SI information can be set from the control device 16. The SI information is transmitted as a TS packet from the terrestrial digital broadcast SI information generation unit 140 at a timing compliant with ARIB.

  Data obtained by converting the BML file output from the control device 16 into a TS stream is recorded in the BML stream generation unit 141 and continuously reproduced at a set rate (cycle). The video / audio of the independent broadcast is compressed by the video / audio encoder 142 and converted into a TS stream. The independent broadcast video / audio is obtained from an arbitrary video / audio source such as a DVD player. In order to decrypt (descramble) an encrypted (scrambled) video / audio stream, an ECM packet is required.

  Here, the conditional access system (CAS) will be briefly described. In CAS, when viewing broadcast content, three keys are used: a master key, a work key, and a scramble key. The master key is a key distributed to each user, and is distributed to the user using an information medium such as an IC card. Information called EMM (Entitlement Management Message) is periodically output to the broadcast wave. The EMM includes contract information for each user as a contractor, a work key, and the like. Individual information for each user in the EMM is encrypted and decrypted with the master key. Broadcast content is transmitted together with common information called ECM (Entitlement Control Message). The ECM includes information related to a program (contract information necessary for viewing), a scramble key, and the like. The ECM is also encrypted with a predetermined encryption method and can be decrypted with the work key. On the IC card side, the ECM is decrypted with the work key, the contract information included in the EMM and the information in the ECM are collated, and if viewing is possible, the content is decrypted (descrambled) using the scramble key in the ECM. The

  FIG. 4 shows the structure of the ECM section. One ECM section is included in one TS packet, and includes an ECM section header, an ECM body, and a section CRC. The ECM main body includes a fixed part, a variable part, and a tamper detection part. The “tamper detection unit” corresponds to “CRF 32 for tamper detection” described later in the present embodiment. The fixed part includes a protocol number, provider identification information, work key identification information, scramble key (ODD), scramble key (EVEN), determination type, date and time, and recording control information. The protocol number is a protocol number for processing common information. The business operator identification information is a code for identifying a business entity in the conditional access system operation, and is information for specifying individual information to be referred to together with the work key identification information. The work key identification information is information that specifies a work key for decrypting the common information. The scramble key (ODD) and the scramble key (EVEN) are the current and next two scramble keys transmitted in pairs. The determination type indicates a viewing determination type such as free, deer, or PPV. The date / time indicates the current year / month / day / minute used for viewing determination. The recording control information is information indicating the recording conditions of this program (recording is possible, not possible, only the purchaser can record). The variable part of the ECM includes necessary function information according to the purpose of transmitting the common information. In the unique ECM of the present embodiment, the “protocol number” is set to be the same as the protocol number of the non-unique ECM packet, but the business entity identification information may be arbitrary. The work key identification information is used for designating which of a plurality of work keys is stored in the card adapter, and is not subject to encryption. In the present invention, the work key stored in the card adapter may be a single piece and need not be plural.

  Although the ECM packet is encrypted by a predetermined encryption method (first encryption method), in the present invention, an encryption method different from the predetermined encryption method is used to encrypt an ECM packet (unique ECM packet) used for pay broadcasting. Encryption is performed by (second encryption method). The second encryption method is a block encryption method, but the specific encryption method is not particularly limited.

  The unique ECM packet generation unit 143 has a function of generating an encrypted unique ECM packet and outputting it as a TS stream at regular time intervals (for example, 100 msec intervals). This unique ECM packet corresponds to the entire ECM section shown in FIG. The scramble key and thus the ECM packet are updated every longer fixed time interval (here, 2 seconds). For this purpose, as shown in FIG. 5, in this embodiment, a sequence of time-series ECM packets for a predetermined time (one day in this example) is generated in advance and stored as a data table 50 in a memory. As such a memory, a non-volatile storage medium such as a flash memory (for example, an SD memory) is used in this embodiment. In this storage medium, the scramble key generation unit 144 also stores a scramble key (ODD / EVEN key) corresponding to each ECM packet (a pair of scramble key and unique ECM in time series) as a data table. Since the ECM packet is 188 bytes and the ODD / EVEN key is 16 bytes, the data amount at one time is 204 bytes, the data amount of 1 minute in every 2 seconds is 6120 bytes, and the data amount of 1 day is 8.8 MB. Become. When the control device 16 generates a BML file used by the BML stream generation unit 141, this memory can also be used as an area for storing the BML file. The amount of data stored in the storage medium is one day, but is not necessarily limited to one day. It is considered that the longer the time length to be stored is, the more effective for security, but the present invention does not exclude a time shorter than one day.

  Such an ECM packet sequence can also be performed by random automatic generation. However, in that case, there is a risk that the decoding algorithm will be clarified from the generation algorithm of the ECM packet sequence in the sending device (for example, when the sending device is stolen). When the encrypted ECM packet is stored in the memory and used, only the data obtained as a result of the encryption is used, so that such a risk is eliminated.

  The timing control unit 145 controls the transmission timing of the ECM packet and the scramble key. Specifically, the scramble key generation unit 144 is controlled so that an EVEN / ODD key at a certain time is extracted from the table defined corresponding to the time every 2 seconds and is set in the scrambler 147. At the same time, the ECM packet generator 143 is controlled to take out an ECM packet defined as a pair with the EVEN / ODD key and output it as a TS stream. As described above, the ECM packet is repeatedly output every 100 ms.

  The TS stream generated by each unit is multiplexed by the multiplexer 146. Among the multiplexed streams, the video / audio / data stream is encrypted by the scrambler 147. SI information and ECM are not subject to encryption (scramble) by the scrambler 147. The scrambler 147 scrambles with an encryption method called MULT2. MULTI2 is an encryption method adopted as a standard encryption for the Japanese digital broadcast conditional access system (B-CAS). The TS stream including the encrypted stream is modulated as a terrestrial digital broadcast signal by the OFDM modulator 148, converted into a UHF signal by the RF upconverter 149, and output as RF. An empty channel for digital terrestrial broadcasting is selected as this RF output channel.

Figure 6 corresponds to the broadcast receiving system 20 of FIG. 1 is a diagram illustrating an internal configuration of the digital television receiver 21 and the card adapter 24 in the present embodiment.

  The digital television receiver 21 includes a tuner unit 211, a descrambler 212, a demultiplexer 213, a video / audio decoder 214, an input / output (I / O) unit 215, a control unit 216, a CAS processing unit 217, a display processing unit 218, and an infrared ray. The reception unit 219, the display control unit 220, the display unit 221, the audio processing unit 222, and the speaker 223 are configured.

  The tuner unit 211 is a part that extracts broadcast content of a channel selected from the RF signal received by the digital television receiver 21. The descrambler 212 is a part that decrypts (descrambles) broadcast content encrypted (scrambled) by the MULTI2 encryption method. A key for this decryption is given from a CAS processing unit 217 described later.

  The demultiplexer 213 is a part that separates the multiplexed stream and extracts video / audio and decoded data in the broadcast content. The video / audio decoder 214 is a decoder such as an MPEG2 decoder that decodes and restores the separated video and audio. The SI information extracted by the demultiplexer 213 is sent to the control unit 216. Next, of the SI information, an EMM and an ECM packet used for card access are sent to the CAS processing unit 217. An ECM packet is one packet of SI information. Only the main part of the ECM packet shown in FIG. 4 is sent from the control unit 216 to the CAS processing unit 217.

  The CAS processing unit 217 performs command and response processing between the card adapter 24 and the IC card 26 via the input / output (I / O) unit 215 and also performs processing for extracting a scramble key to be given to the descrambler 212 It is.

  The control unit 216 is a unit that performs the fetching of the section information and BML data extracted from the demultiplexer and the control and necessary processing of each unit of the digital television receiver 21, and is configured by a CPU, a memory, and the like with a built-in peripheral circuit Is done.

  The display processing unit 218 performs a process of combining and displaying the data broadcast display screen based on the BML data stream separated by the demultiplexer 213 and the video signal obtained from the video / audio decoder 214 under the control of the control unit 216. This is the part to be performed. More specifically, the display processing unit 218 performs menu display including BML data display, EPG display, channel, volume, and the like.

  The display control unit 220 is a part that controls the display unit 221 to display a video based on the video signal from the video / audio decoder 214 and an image based on the display signal from the display processing unit 218. The display unit 221 is a display device such as liquid crystal, plasma, or organic EL.

  The infrared receiving unit 219 is a part that receives an infrared command from the remote controller 22 and sends it to the control unit 216.

  The audio processing unit 222 is a part that drives the speaker 223 based on the audio signal obtained from the video / audio decoder 214.

  Note that such a configuration of the digital television receiver 21 is known.

  The card adapter 24 includes an analog switch 241, an analog switch 242, and an adapter control unit 243. A connection function to a LAN like the terminal device described in Patent Document 1 is not necessary.

  The analog switch 241 is a first switch that selectively conducts / cuts off a communication path between the I / O unit 215 of the digital television receiver 21 and the IC card 26. The analog switch 242 is a second switch that conducts / blocks complementarily with the analog switch 241. The adapter control unit 243 is connected to a communication path between the IC card 26 and the I / O unit 215 of the digital television receiver 21, more specifically, a communication path between the analog switch 241 and the IC card 26. When receiving a normal digital broadcast (non-independent broadcast), the analog switch 241 is connected and the analog switch 242 is disconnected, and the television receiver 21 and the IC card 26 are electrically connected.

  The adapter control unit 243 includes a processor (and a nonvolatile memory such as an EEPROM) 244 and has a function of identifying whether the ECM received from the digital television receiver is a unique ECM as described above. That is, the processor constantly monitors signals exchanged between the television receiver 21 and the IC card 26 and intercepts the encrypted ECM packet output to the IC card 26. The processor 244 can be realized, for example, by an 8-bit microcomputer with relatively simple and low cost.

  Since the ECM packet used in normal digital broadcasting is encrypted by a predetermined encryption method in the B-CAS standard, the processor 244 of the adapter control unit 243 cannot understand and does not react. The reason why it cannot be understood is that the ECM packet cipher is to be decrypted with the original cipher of the card adapter 24, but the judgment value of the alteration detection CRC 32 (“falsification detection” in the ECM main body in FIG. 4) is a predetermined value indicating non-falsification. Since it does not match (for example, 0), it is determined that it is not an ECM packet to be processed by itself. If data including an ECM packet of a unique encryption is sent to the communication path to the IC card 26, the encryption is similarly decrypted, and the CRC 32 determination value for alteration detection is checked. In this case, since the CRC32 determination value matches the predetermined value, it is determined that the encryption is unique.

  The operation of ECM processing and scramble key generation will be described with reference to FIG.

  As described above, when the adapter controller 243 of the card adapter 24 determines that the unique ECM has been received by the unique ECM determination processing 244b, the work key (Kw) that holds the unique ECM in advance by the decryption processing 244a. And the scramble key (Ks) is extracted and sent to the digital television receiver 21 via the analog switch 242 as the second switch. At this time, the analog switch 241 as the first switch is disconnected. When it is determined that an ECM other than the original ECM has been received, the scramble key (Ks) transmitted from the IC card 26 to the digital television receiver 21 via the analog switch 241 that is the first switch is turned on. At this time, the analog switch 242 as the second switch is kept in the cut-off state.

  On the IC card 26 side, the EMM is decrypted with the master key (Km) by the decryption process 262, and the work key (Kw) and the contract information are output. Further, the ECM is decrypted with the work key (Kw) by the decryption process 261, and the scramble key (Ks) and the program attribute information are output. The viewing condition determination processing 263 compares the contract information included in the EMM with the program attribute information in the ECM, and if it is determined that viewing is possible as a result of the comparison, the switch 264 is closed and the scramble obtained from the ECM The key (Ks) is output to the descrambler 212. When the IC card 26 decrypts the unique ECM in the present invention, it is determined that the IC card 26 is not a legitimate ECM by detecting the falsification, and a valid scramble key is not extracted. (There is no valid EMM, so no valid work key is extracted.)

  Thus, in the present invention, the broadcast content stream is encrypted with the unique scramble key. At that time, by adding an adapter configured to coexist with the existing IC card 26, key management becomes unnecessary and the system is simplified.

  Next, with reference to FIG. 8, a display example of a pay channel menu screen using BML data by data broadcasting and a viewing restriction process using a BML script according to the present embodiment will be described.

  The screen of the digital television receiver 21 in FIG. 8 shows an example of a pay channel selection screen at a hotel. In this example, there is shown a case where there are three pay channels (select buttons 25a, 25b, 25c) in the BML data. When a desired pay channel is selected by operating the cursor with the remote controller 22 and a determination button (not shown) on the remote controller 22 is pressed, a password input field 25d is displayed on the screen, and the user is requested to input a password. This password is a 6-digit numerical value printed on a form for the user to exercise the paid channel viewing right purchased on the day at the ticketing machine 18. The password is common to all pay channels, and it is assumed that if the password is entered once for any pay channel, it will be valid during the day. However, it may be different for each pay channel. If each pay channel is different, the ticketing machine 18 charges for each channel and issues a password. In the issued form, information specifying the purchased channel (for example, a paid channel number and its password are printed in pairs. In the BML data, a password different for each paid channel is included and sent to the television receiver. To do.

  The control unit 216 of the television receiver 21 receives the password of the day based on the received BML data and stores it in the memory. The password entered by the user is checked against the stored password. A configuration may be adopted in which a plurality of passwords are stored, and whether or not the input password matches any of the plurality of passwords. When the passwords match, the fact is stored, and during the day, it is not necessary to input again at the time of re-viewing after the end of viewing of the pay broadcast. “Today” is, for example, until the checkout time of each day. Therefore, the BML script is changed once a day at a predetermined time (for example, 12:00 noon). At the same time, the updated password is set from the control device 16 in the ticket issuing machine 18.

  As a mechanism for restricting viewing of a paid channel (broadcast content) using a BML script, video non-display (full-screen overlay) and audio mute defined in the ARIB standard can be used. Although viewing restrictions by this BML data are not directly related to video / audio encryption of broadcast contents, robust viewing restrictions can be achieved by combining with the scrambling of pay broadcast contents according to the present invention using a unique scramble key. Can be realized.

  FIG. 9 shows a communication sequence between the digital television receiver 21, the card adapter 24, and the IC card 26 in the present embodiment. The process in this figure is a sequence in the case where a channel for non-independent broadcasting is selected.

  When the television receiver 21 detects the attachment of the IC card 26 (S11), it supplies power to the IC card 26 (S12). At the same time, a clock having a predetermined frequency (for example, 4 MHz) is supplied (S13), and the reset of the IC card 26 is released after the time for stabilizing the circuit of the IC card 26 (stable time) has elapsed (S14).

After the reset is released, the IC card 26 returns basic communication information such as a board rate, a clock frequency, and a timeout to the television receiver as an ATR (Answer To Reset ) S31 (S31). The television receiver 21 receives the ATR response (S15), and starts exchanging serial data in a format based on the response. In the case of B-CAS, the buffer size setting is changed first.

  Thereafter, the television receiver 21 issues an initial setting command (S16). In response to this, the IC card 26 returns its own card ID and a system key and initial data used for the MULTI2 encryption (S32).

  When receiving the ECM packet in synchronization with the effective channel, the television receiver 21 issues an ECM command including the encrypted ECM packet to the IC card 26 at regular intervals (S17). This ECM command is a command for requesting return of a scramble key extracted by decryption of the ECM. When the IC card 26 receives the ECM command and program playback is enabled (that is, when the determination condition of the viewing condition determination process 263 described in FIG. 7 is satisfied), the scramble key required for the MULTI2 encryption is used. Then, the ODD / EVEN key is returned (S34). If the program reproduction is prohibited, the ODD / EVEN key is set to all 0 and returned. Such a scramble key is transmitted to the television receiver 21 via the analog switch 241.

  The card adapter 24 intercepts the ECM packet and decodes it (S21), but the analog switches 241 and 242 are not switched because the CRC32 determination value does not match the predetermined value.

  Thereafter, every time an ECM command is issued (S18,...), The same processing is repeatedly executed (S22, S35, S36,...).

FIG. 10 shows a communication sequence between the digital television receiver 21, the card adapter 24, and the IC card 26 in the present embodiment, as in FIG. However, the processing of this figure is a sequence in the case where a channel for independent broadcasting is selected. Steps similar to those shown in FIG. 9 are given the same reference numerals, and redundant descriptions are omitted. That is, steps S11 to S18, S21 to S22, S31 to S33, and S35 are the same as those in FIG.

  When the self-broadcast channel is selected, since the ECM command issued from the television receiver 21 is encrypted by a unique encryption method, the IC card 26 can decrypt it using its own encryption method (S33, S35) A valid scramble key cannot be obtained. On the other hand, when the card adapter 24 decodes the ECM packet (S21, S22), the CRC32 determination value matches the predetermined value. Therefore, the switch is switched so that the analog switch 242 is connected and the analog switch 241 is shut off (S211). As a result, the response from the IC card 26 is blocked, and the card adapter 24 returns a unique scramble key instead. That is, the scramble key (ODD / EVEN key) obtained by this decryption is returned to the television receiver 21 (S212). Thereafter, the switch is switched so that the analog switch 241 is connected and the analog switch 242 is shut off (S213).

  Thereafter, every time an ECM command is issued (S18,...), The same processing is repeatedly executed (S22, S221 to S223,...).

  FIG. 11 is a flowchart showing the processing flow of the card adapter 24. This process is executed by the processor 244 of the card adapter 24.

  As soon as the power and clock are supplied and the reset is released, the monitoring of the serial I / O of the IC card 26 is started, and the serial message is obtained, that is, the serial data is received (S41). When a message having the correct message length is received (S42, Yes), the message is analyzed (S43). If the message is an ECM command (S44, Yes), the received data is decrypted (S45), and the CRC 32 bits for alteration detection are checked (S46).

  If the cipher is a unique cipher, the CRC32 determination value is 0, that is, “no tampering” (S47, Yes), and it is determined that the ECM command is addressed to itself. Otherwise, since it is an ECM command for the IC card 26, the process returns to the first step S41 without executing the subsequent steps.

  In the case of an ECM command with a unique encryption, the analog switch 241 is shut off and the analog switch 242 is connected to enable serial TX output of the original scramble key extracted from the ECM. Next, it waits for a predetermined time (S49). In this example, a response from the IC card 26 is waited for two characters. The reason for waiting for a predetermined time is that the timing of the character to be returned is wrong, or that no meaningless data is returned due to the shut-off / connection timing of the analog switches 241 and 242. Thereafter, an ODD / EVEN key as its own scramble key is serially output (S50). When the output of the unique scramble key is completed, the state of the analog switches 241 and 242 is restored (S51), and the serial I / O path between the television receiver 21 and the IC card 26 is connected.

  FIG. 12 is a flowchart showing an example of processing executed by a BML script in data broadcasting related to a pay channel in the present embodiment. This process is executed by the control unit 216 in the television receiver 21 shown in FIG.

  By this BML script, viewing of broadcast content is initially limited for pay channels. When the pay channel is selected by the user, the control unit 216 prompts the user to input a password as shown in the display screen example of FIG. 8 (S61). Initially, with respect to the pay channel, as a viewing restriction, video non-display and audio mute as defined in the ARIB standard are performed. Next, the input password is compared with a stored password that has already been received with BML data (S62). When a different password is set for each of the plurality of pay channels (select buttons 25a, 25b, 25c), the BML script performs comparison using the password stored in accordance with the selected channel. . If the input password does not match the stored password (S63, No), an error message 25e is output (displayed) (S64), and the process returns to step S61. If the two passwords match (S63, Yes), the viewing restriction on the pay channel is released (S65).

  Although the preferred embodiments of the present invention have been described above, various modifications and changes can be made in addition to those mentioned above. For example, although the restriction of viewing by password is in units of channels, it is also possible to set a password in units of such broadcast contents when payable broadcast contents (program titles) can be specified on the data broadcast screen. The number of digits of the password is 6 digits, but is not limited to this. Although the number of pay channels is three, it may be one or more. When there is a single pay channel or content, there is no need to select the selection button on the menu screen of the data broadcasting content described above.

  The ticket issuing machine is not an essential element in the present invention. For example, a password can be transmitted from a staff member to a user at a hotel reception or the like.

  Moreover, although the hotel was mentioned as the facility where the limited reception system of the present invention is introduced, it may be any facility other than the hotel, for example, a hospital, a nursing home, an educational facility, and the like.

  The objects to be scrambled by the scrambler 147 in FIG. 3 do not need to include data broadcast contents, but at least include video and audio.

  Although the above embodiment has been described as having viewing restrictions based on data broadcasting contents, viewing restrictions based on data broadcasting contents are not essential elements of the present invention. It is not always necessary to pay for independent broadcasting.

  Although the broadcast in the hall of a specific facility was explained, it is not necessarily limited to the hall. The present invention can be applied to a system in which digital broadcast content that is not encrypted at a certain point is encrypted with a unique scramble key and the encrypted digital broadcast content is transmitted to another point.

DESCRIPTION OF SYMBOLS 10 ... Broadcast distribution system, 11 ... Free broadcast content source, 11a ... Terrestrial digital broadcast receiving antenna, 11b ... Satellite broadcast receiving antenna, 12 ... Mixer, 14 ... Sending device, 16 ... Control device, 18 ... Ticketing machine, 20 ... Broadcast receiving system, 21 ... digital television receiver, 21a ... slot, 22 ... remote controller (remote controller), 24 ... card adapter, 24a ... adapter body, 24b ... cable, 24c ... connector, 24d ... card-like connecting member, 24e ... Electrical contact, 24f ... power cable, 24g ... slot, 25a, 25b, 25c ... button, 26 ... IC card, 140 ... information generator, 141 ... stream generator, 142 ... video / audio encoder, 143 ... packet generator, 144: scramble key generation unit, 145: timing control unit, 14 ... multiplexer, 147 ... scrambler, 148 ... OFDM modulator, 149 ... upconverter, 211 ... tuner, 212 ... descrambler, 213 ... demultiplexer, 214 ... video / audio decoder, 215 ... I / O unit, 216 ... Control unit, 217 ... CAS processing unit, 218 ... display processing unit, 219 ... infrared receiving unit, 220 ... display control unit, 221 ... display unit, 222 ... audio processing unit, 223 ... speaker, 241 ... analog switch, 242 ... analog Switch, 243 ... Adapter control unit, 244 ... Processor, 244a ... Decoding process, 244b ... Determination process, 261 ... Decoding process, 263 ... Viewing condition determination process

Claims (8)

A conditional access system for restricting viewing of broadcast content in a digital television receiver using an IC card for digital broadcast viewing,
A card adapter mounted between the digital broadcast viewing IC card and the digital television receiver;
A transmission device for transmitting broadcast content including at least video and audio,
The transmission device encrypts the broadcast content with a predetermined scramble key, includes the scramble key in a unique ECM, and transmits the encrypted broadcast content.
The card adapter has a function of identifying whether the ECM received from the digital television receiver is a unique ECM, and extracts the scramble key from the unique ECM when the ECM is the unique ECM. A conditional access system characterized in that a scramble key transmitted from the IC card to the digital television receiver is conducted when the ECM is an ECM other than the original ECM. The sending device encrypts the unique ECM with a second encryption method different from the first encryption method with which the non-unique ECM is encrypted,
2. The conditional reception according to claim 1, wherein the card adapter decrypts the unique ECM encrypted by the second encryption method to extract a scramble key, and sends the extracted scramble key to the digital television receiver. system.   3. The conditional access system according to claim 1, wherein the transmission apparatus includes means for generating a plurality of pairs of the scramble key and the unique ECM in time series.   The means for generating a plurality of pairs of the scramble key and the unique ECM in time series includes a storage means for storing a plurality of pairs of the scramble key and the unique ECM, and a plurality of the stored pairs at a predetermined timing. The conditional access system according to claim 3, further comprising a timing control unit that repeatedly reads out data.   The transmission device transmits data broadcast content including at least a password for releasing the viewing restriction, a password input screen, a viewing restriction on the broadcasting content, and a BML script for releasing the broadcasting content together with the broadcasting content. The conditional access system in any one of -4.   The conditional access system according to claim 5, further comprising a ticket issuing machine that prints out the password in a form. In a conditional access system for restricting viewing of broadcast content in a digital television receiver using a digital broadcast viewing IC card, a card adapter mounted between the digital broadcast viewing IC card and the digital television receiver. ,
A first switch for selectively conducting / cutting off a communication path between the digital broadcast viewing IC card and the digital television receiver;
A second switch conducting / blocking complementary to the first switch;
The ECM is connected to a communication path between the digital broadcast viewing IC card and the digital television receiver, and has a function of identifying whether the ECM received from the digital television receiver is a unique ECM. When it is the unique ECM, the scramble key is extracted from the unique ECM and sent to the digital television receiver via the second switch. When the ECM is an ECM other than the unique ECM, the second A card adapter comprising: adapter control means for performing conduction control of a scramble key transmitted from the IC card to the digital television receiver via one switch.   The card adapter according to claim 7, wherein the adapter control unit determines whether the ECM is a unique ECM based on whether the ECM received from the digital television receiver can be correctly decoded.

Images