MXPA00002964A

MXPA00002964A - Method and apparatus for recording of encrypted digital data

Info

Publication number: MXPA00002964A
Application number: MXPA/A/2000/002964A
Authority: MX
Inventors: Michel Maillard
Original assignee: Canal+ Societe Anonyme
Priority date: 1997-09-25
Filing date: 2000-03-24
Publication date: 2001-07-09

Abstract

A method for transmission and recording of encrypted information (Ce), in which the information (Ce) is encrypted by a first key and transmitted in encrypted form, the encrypted information (Ce) being received by a decoder (2020) possessing an equivalent of the first key necessary to decrypt the information and characterised in that the decrypted information (Ce) is re-encrypted by means of a second key (C2) stored in a portable support device (4004) adapted to be received by the decoder (2020) and/or digital recording device (4005), the re-encrypted information being thereafter recorded on the digital recording medium (4006). When replaying the recording, the information is decrypted by means of the second key (C2) stored on the support means (4004). In a particularly preferred embodiment, the information (Ce) corresponds to a control word used to scramble and descramble transmitted data, the re-encrypted control word (Ce) being stored on the recording medium (4006) together with the still scrambled transmitted data.

Description

METHOD AND APPARATUS FOR G RABACTION OF ENCRYPTED DIGITAL DATA The present invention relates to a method and apparatus for recording mixed digital data, for example television transmissions. The transmission of encrypted data is well known in the field of pay-TV systems, where mixed audio-visual information is commonly transmitted via satellite to a number of subscribers, each subscriber having a decoder or receiver / decoder capable of transmitting the data. order the transmitted program for its subsequent observation. In a typical system, the mixed digital data is transmitted together with a control word for ordering the digital data, the control word itself is encrypted by a first key and transmitted in encrypted form, the mixed digital data and the control word encrypted are received by a decoder that has an equivalent of the first key needed to decrypt the encrypted control word and then order the transmitted data, the decoder is additionally adapted to pass the digital data in its still mixed form to a device. digital recording. A subscriber who has paid will receive the necessary key every month to decrypt the encrypted control word so that he can see a particular program. With the advent of digital technology, the quality of the transmitted data has increased many times. A particular problem associated with digital quality data is its ease of reproduction. When an ordered program is passed via an analog link (eg, the "Peritel" link) to view and record it on a standard video recorder, the quality is no higher than that associated with a standard analogue cassette recording. The risk that such a recording can be used as a master copy to make pirated copies is therefore no greater than with a standard analogue cassette recorder in the store. Conversely, any digital data sorted through a direct digital link to one of the new generation digital recording devices (eg, a DVHS recorder) will have the same quality as the originally transmitted program and therefore It can be played any number of times without any degradation of sound quality or image. Therefore, there is a considerable risk that the sorted data will be used as a master copy to make pirated copies, either more digital copies or even simple VHS analog copies. French Patent Application 95 03859 shows a way to solve this problem, by means of a system in which the organized digital data is allowed to be recorded in the digital recording medium. Instead, the decoder described in this application records the data in its mixed form of the recording medium, together with the control word necessary to organize the re-encrypted data by another key. This new key is known only by the receiver / decoder and replaces the first key needed to get the control word to view the program. The advantage of this system is that the data is never stored in a "clear" way and can not be seen without having the new key, stored in the receiver / decoder. The system also has the advantage that as the first key changes monthly, the use of a constant key to re-encrypt the control word recorded on the digital tape means that the receiver / decoder will still be able to decrypt the control word recorded in the tape still after the end of a month of subscription. The disadvantage of the system proposed in this patent application is that the recording can only be viewed in conjunction with that particular receiver / decoder. If that decoder is broken down, or replaced, the recording can no longer be played. In the same way, it is not possible to play the recording directly on a digital recorder without connecting the receiver / decoder in the system and therefore an observer has to keep his subscription with the pay television company to keep the decoder in order to be able to see movies that have already been broadcast. It is an object of the present invention to solve the problems associated with this solution while maintaining secure recording of digital data that can be easily used to generate pirated copies of the transmitted data. The present invention comprises a method for the transmission and recording of encrypted digital information in which the digital information is encrypted by a first key and transmitted in an encrypted form, the encrypted information is received by a decoder having access to an equivalent of the first key necessary to decrypt the information and characterized in that the decrypted information is subsequently re-encrypted by a second key stored in a portable support device adapted to be received by the decoder or an associated digital recorder, the re-encrypted information is subsequently recorded on the digital recording medium by the digital recorder. In this way, the present invention solves the problems of the prior art since the subsequent reproduction of the recorded data is independent of the identity of the decoder. When the recording is replayed, the information is decrypted by the second key stored in the support medium. The replacement of the decoder will not invalidate the recording in question while the new decoder has a receptacle to receive the support device containing the second key. If it is provided with an appropriate reader, the digital recorder can read the second key and allow the reproduction of the information without the need of the decoder. Unlike the decoder, which is a relatively complex piece of equipment that can be easily broken, the portable support device can be implemented in a simple rugged form. The information re-encrypted by the second key and stored in the digital recording medium may simply correspond to audiovisual information. However, in a preferred embodiment, the digital information corresponds to a control word for ordering the mixed digital data, the mixed digital data that is being transmitted together with the control word encrypted by the first key, the control word is subsequently decrypted by the first equivalent key and re-encrypted by the second key, and the re-encrypted control word and the mixed data are then recorded in the digital recording medium. In a particularly preferred embodiment, the portable support device is a smart card adapted to be received in a smart card reader in the digital decoder and / or recorder. In this application, the term "smart card" is used to mean any conventional integrated circuit-based card device having, for example, a microprocessor or an electronically erasable, programmable read-only memory to store the algorithm of the second key. Also included in this term are integrated circuit devices having alternative physical forms, for example keyed devices such as those used in television set-top boxes. In one embodiment, the smart card also contains the equivalent of the first key used to decrypt the control word for the initial ordering of the data, for example to see in the case of a television transmission system. In this case, the smart card is part of the paid television system and may also contain a personalized key known by the transmitter to allow the transmitter to selectively identify which subscribers will receive a first updated key at the end of the month. In an alternative modality, the second key is stored on a smart card different from the one used to store the first key. In this modality, the reading of the information stored in the digital medium is then totally separated from the subscriber system and, even more so after the subscriber has left the system and has taken out his subscription card, he can continue to watch previously recorded films. that the digital player / recorder that you have is adapted to read the smart card that accompanies it. In such a system, a single smart card and a second key can be used to generate the re-encrypted control word for a plurality of recordings. In this way, a single "library card" can be used to decrypt any number of recordings.

In one embodiment, the smart card may also contain a number of credit amounts that are being reduced with each subsequent partial or complete reproduction of the recording. For example, these credit units can be downloaded in a message along with the first pass code. In one embodiment the credit units are associated with a particular segment of the recording so that the reproduction of a section of the recording, for example, the first or last quarter of an hour of the recording will reduce certain credit units associated with the recording. these sections. Alternatively, the credit units are of a single type and are reduced with the reproduction of any section of the recording. As mentioned above, the present invention is particularly applicable to the case in which the algorithm of the second key is stored on a smart card associated with the recording medium. However, in an alternative embodiment, the portable support is defined by the recording itself, the second key is stored in an integrated circuit inserted in the housing of the digital recording medium. Such a technique has already been suggested, for example, in the case of DVHS cassettes where a set of metallic contacts can be provided on an exterior surface of the housing of the cassette, the contacts go to an electronic circuit, such as via an integrated circuit inside the accommodation. These contacts can be coupled through a corresponding set of contacts in the recorder's receptacle to allow communication between the integrated circuit and the video recorder. In these systems, however, security is provided in spite of the fact that the key is with the recording, since the key can not easily be copied from the inserted integrated circuit. The variations described above with respect to the smart card modes can also be applied to systems in which the support is defined by the recording housing. The present invention is particularly applicable to a method in which the mixed data represent audiovisual data transmitted in a mixed television transmission. The present invention has been described above in relation to a method but it also applies to an apparatus. The terms "mixed" and "encrypted" and "control word" and "key" have been used here for the purpose of language clarity. However, it will be understood that a fundamental distinction should not be made between "mixed data" and "encrypted data" or between a "control word" and a "key". Similarly, although the description refers to "receivers "decoders" and "decoders", it will be understood that the present invention also applies to embodiments having a receiver integrated with the decoder such as a decoder unit operating in combination with a physically separate receiver. to embodiments in which the decoder is integrated with other devices, such as televisions or even digital video recorders.A preferred embodiment of the invention will now be described by way of example only and with reference to the accompanying drawings, in which which: Figure 1 shows the general architecture of a digital television system, adapted by the present invention to interact with a digital recording device, Figure 2 shows the conditional access system of the television system of Figure 1; Figure 3 shows the different levels of encryption in the television system n; Figure 4 shows the structure of a packet transmitted in digital television system, including visual data, audio and teletext and ECM message component; Figure 5 shows a first embodiment of the invention including a digital recording device and a smart card containing a second algorithm used to encrypt the control word to be registered in a digital video cassette; Figure 6 shows a second embodiment of the invention in which the smart card contains the first and second keys necessary to view the program transmitted and recorded, respectively, together with credit units to determine the number of times a user can see a Program; and Figure 7 shows a third embodiment of the invention in which the second key is stored in an integrated circuit mounted in the housing of the digital video case. Digital Television System Figure 1 shows an overview of a digital television reception and transmission system 100 adaptable to the present invention. The system includes a conventional digital television system 2000 which uses the known MPEG-2 compression system to transmit compressed digital signals. In more detail, the 2002 M PEG-2 compressor in a transmission center receives a stream of digital signals (commonly a stream of video signals). The compressor 2002 is connected to a multiplexer and mixer 2004 by a link 2006. The multiplexer 2004 receives a plurality of additional input signals, assembles one or more transport streams and transmits compressed digital signals to a transmitter 2008 of the transmission center via the transmitter. 2010 link, which of course can take a wide variety of forms including telecommunications links. The transmitter 2008 transmits electromagnetic signals via an upward link 2012 to a satellite transponder 2014, where they are processed electronically and transmitted via the downward notional link 2016 to the land receiver 2018, conventionally in the form of a proprietary or rented dish by the end user. The signals received by the receiver 2018 are transmitted to an integrated receiver / decoder 2020 owned or rented by the end user and connected to the end user television 2022. the receiver / decoder 2020 decodes the compressed signal MPEG-2 into a television signal for the television set 2022. A conditional access system 3000 is connected to the multiplexer 2004 and the receiver / decoder 2020, and is located partially in the transmission center and partially in the decoder. It allows the end user to have access to digital television transmissions from one or more transmission providers. A smart card capable of decrypting messages relating to commercial offers (ie, in or several television programs sold by the broadcast provider) can be inserted into the receiver / decoder 2020. Using the decoder 2020 and the smart card, the end user You can buy events either through a subscription or on a pay-per-view basis. An interactive system 4000, also connected to the multiplexer 2004 and the receiver / decoder 2020 and again partially located in the transmission and partially in the decoder, allows the end user to interact with several applications via a return channel in modem 4002. Access System Conditional With reference to Figure 2, the conditional access system 3000 includes a Subscriber Authorization System (SAS) 3002. The Subscriber Authorization System 3002 is connected to one or more Subscriber Management Systems (S MS) 3004 , an SMS for each transmission provider, through a respective one in TCP-I P 3006 (although other types of links could be used alternatively). Alternatively, a Subscriber Management System could be shared between two transmission providers, or a provider could use two Subscriber Management Systems, and so on. The first encryption units in the form of an encryption unit 3008 using "mother" 3010 smart cards are connected to the Subscriber Authorization System via link 3012. The second units are encrypted again in the form of encryption units 3014 using smart cards mothers 301 6 are connected to the multiplexer 2004 via link 301 8. The receiver / decoder 2020 receives a "daughter" smart card 3020. It is connected directly to the Subscriber Authorization System 3002 via Comms Servers 3022 via the return channel in modem 4002. The Subscriber Authorization System mandates, among other things, subscription rights to the daughter smart card upon request. Smart cards contain the secrets of one or more commercial operators. The smart card "mother" encrypts different types of messages and smart cards "daughters" decrypt the messages, if they have the right to do so. The first and second encryption units 3008 and 3014 comprise a group, a VM E electronic card with computer programs stored in an electronically erasable, programmable read-only memory, up to 20 electronic cards and a 3010 smart card and 3016, respectively, for each electronic card, one (card 3016) for encrypting Authorization Control Messages and one (card 3010) for encrypting Authorization Management Messages. As will be described, the ECMs or Authorization Control Messages are encrypted messages inserted in the data stream of a transmitted program and contain the control word necessary to organize a program. The authorization of a given receiver / decoder is controlled by Authorization Management Messages or EMMs, transmitted less frequently, for example each month, and which provide a receiver / decoder with the key necessary to decode the Authorization Control Message. The conditional access system operation 3000 of the digital television system will now be described in more detail with reference to the various components of the television system 2000 and the conditional access system 3000. Multiplexer and Mixer With reference to Figures 1 and 2, In the transmission center, the digital video signal is first compressed (or the bit rate is reduced) using the 2002 MPEG-2 compressor. Then, this compressed signal is transmitted to the multiplexer and mixer 2004 via the 2006 link to multiplex with other data, such as compressed data. The mixer generates a control word Ce used in the mixing process and included in the MPEG-2 stream in the multiplexer 2004. The control word Ce is generated internally and allows the integrated end-user receiver / decoder 2020 to order the Program. Access criteria are also added, indicating the way in which the program is marketed to the MPEG-2 stream. The program can be marketed either in a number of "subscription" modes and / or one of a number of "Pay Per View" (PPV) modes or events. In the subscription mode, the end user subscribes to one or more commercial offers of "bouquets" thus obtaining the rights to see each channel within those bouquets. In the preferred mode, up to 960 commercial offers can be selected from a bunch of channels. In Pay-per-Event mode, the end user has the ability to buy the events they want. This can be achieved by pre-registering the event in advance ("Pre-registration mode") or by purchasing the event as soon as it is transmitted ("impulse mode"). The control word Ce and the access criteria are used to build an Authorization Control Message (ECM); this is a message sent in relation to a mixed program; the message contains a control word (which allows the ordering of the program) and the access criteria of the transmission program. The access criteria and the control word are transmitted to the second encryption unit 3014 via link 3018. In this unit, an Authorization Control Message is generated, encrypted with a first Cex key and transmitted to the multiplexer and mixer 2004 Each service transmitted by a transmission provider in one data comprises a number of different components; for example a television program includes a video component V, an audio component S, a component of subtitles or teletext T and so on (see Figure 4). Each of these components of a service is individually mixed and encrypted for subsequent transmission to the 2014 transponder. With respect to each mixed component of the service, a separate Authorization Control Message is required. Transmission of the Program The multiplexer 2004 receives electrical signals that comprise Encrypted Authorization Management Messages of the second encryption unit 3014 and compressed programs of the 2002 compressor. The 2004 multiplexer mixes the programs and transmits the mixed programs, the encrypted Authorization Management Message (if any) and the Control Messages of Authorization encrypted as electrical signals to a transmitter 2008 of the transmission center via the link 2010. The transmitter 2008 transmits electromagnetic signals to the 2014 satellite transponder via the uplink 2012.

Reception of the Program The satellite transponder 2014 receives and processes the electromagnetic signals transmitted by the transmitter 2008 and transmits the signals to the receiver on land 2018, conventionally in the form of a plate owned or rented by the end user, via the link downwards 2016. The signals received by the receiver 2018 are transmitted to the integrated receiver / decoder 2020 owned or rented by the end user and connected to the end user's television device 2022. The receiver / decoder 2020 demultiplexes the signals to obtain programs mixed with messages of Encrypted Authorizations and Encrypted Authorization Control Messages. If the program is not mixed, the receiver / decoder 2020 decompresses the data and transforms the signal into a video signal for transmission to the television set 2022. If the program is mixed, the receiver / decoder 2020 extracts the Authorization Control Message corresponding to the MPEG-2 stream and passes the Authorization Control Message to the "daughter" 3020 smart card of the end user. This enters a housing in the receiver / decoder 2020. The daughter smart card 3020 controls whether the end user has the right to decrypt the Authorization Control Message and have access to the program. If the end user does not have the necessary rights, a negative state is passed to the receiver / decoder 2020 to indicate that the program can not be sorted. If the end user does not have the rights, the Authorization Control Message is decrypted and the control word is extracted. The decoder 2020 can then order the program using this control word. The MPEG-2 stream is decompressed and translated into a video signal to the transmission in the television set 2022. The encryption levels used will be described in more detail with respect to Figure 3 below. Subscriber Management System (SMS) A Subscriber Management System (SMS) 3004 includes a 3024 database that manages among other things, all end user files, business offers (such as rates and promotions) subscriptions, details of payment per event and data on consumption and end user authorization. The Subscriber Management System may be physically remote from the Subscriber Authorization System. Each Subscriber Management System 3004 transmits messages to the Subscriber Authorization System 3002 via the respective link 3006 to allow modifications or creations of the Authorization Management Messages (EMMs) to transmit them to the end users. The Subscriber Administration System 3004 also transmits messages to the Subscriber Authorization System 3002 that does not imply modifications or creations of Authorization Management Messages but only implies a change in the state of an end user (referring to the authorization granted to the user final when you ordered products or the amount that will be charged to the end user). Authorization Management Messages (EMMs) The Authorization Management Message is a message dedicated to an individual end user (subscriber) or a group of end users (in contrast to an Authorization Control Message, which is dedicated to a mixed program only or to a group of mixed programs if part of them is a commercial offer). A group can contain a given number of end users. This organization as a group aims to optimize the bandwidth; that is, access to a group can allow reaching a greater number of end users. Various specific types of Authorization Management Messages are used to carry out the present invention. Individual Authorization Management Messages are dedicated to individual subscribers, and are commonly used in the provision of Pay-Per-View services; these contain the group identifier and the position of the subscriber in that group. The so-called "Group" Subscription Authorization Administration Messages are dedicated to groups of, say, 256 individual users, and are commonly used in the administration of some subscription services. This Authorization Management Message has a group identifier and a bitmap of the group of subscribers. Audience Authorization Management Messages are dedicated to whole audiences, and could be used, for example, by a particular operator to provide certain free services. An "audience" is the totality of subscribers who have smart cards that have the same Operator Identifier (OPI). Finally, a "unique" Authorization Management Message is directed to the unique identifier of the smart card. System Encryption Levels With reference to Figure 3, the encryption levels in the transmission system will be described below. The stages of encryption associated with digital data transmission are shown in 4001, the transmission channel (eg, a satellite link as mentioned above) in 4002 and the decryption stages in the receiver in 4003. The digital data N are mixed by a control word Ce before being transmitted to a multiplexer Mp for subsequent transmission. As will be seen in Figure 4, the transmitted data includes an Authorization Control Message comprising, inter alia. Alia, the control word Ce is encrypted by a Ch 1 encryptor controlled by a first Cex encryption key. In the receiver / decoder, the signal passes through a demultiplexer DMp and computer D before going to a television 2022 for observation. A decryption unit DCh 1 also has the key Cex decrypts the Authorization Management Message in the demultiplexed signal to obtain the control word Ce subsequently used to order the signal.

For security reasons, the control word CE inserted in the encrypted Authorization Control Message changes on average every 10 seconds. In contrast, the first Cex encryption key used by the receiver to decode the Authorization Control Message is changed approximately every month by an Authorization Management Message. The Cex encryption key is encrypted by a second ChP unit using a custom key Cg corresponding to the identity of the decoder. If the decoder is one of those selected to receive an updated Cex key, a DChP decryption unit in the decoder will decrypt the message using its Cg key to obtain the Cex encryption key for that month. The DChp and Dch 1 decryption units and associated keys are kept on a smart card provided to the subscriber and inserted into a smart card reader in the decoder. The keys can be generated in accordance with any known symmetric key algorithm, such as DES. Alternative modalities that use public / private key algorithms are also possible. Recording of Digital Data As stated in the introduction, it is not advisable to allow digitally ordered data to be recorded in view of the risks that arise in connection with an unauthorized copy and piracy. As shown in Figure 5, the present invention provides a means to solve this problem.

The system comprises a smart card 4004, which can be inserted into a smart card slot in the receiver / decoder, together with a digital recorder 4005, for example, a DVHS recorder, including a digital recording medium 4006, such as a cassette DVHS. In this embodiment, the received control word is decrypted by the associated smart card 3020 inserted in the decoder (see Figure 2). The decoded control word Ce (together with other data forming the Authorization Control Message, such as access control information, etc.) is then passed to the microprocessor inserted in the smart card 4004. using a second encryption key C2 and a second encryption algorithm Ch2, the smart card 4004 generates a new Authorization Control Message, indicated as ECM 'in the Figure. Then this ECM 'is used to replace the Authorization Control Message in the mixed data stream of the demultiplexer DMp as shown in 4007 and the mixed data combination and the new ECM Authorization Control Message' are recorded in the DVHS cassette 4006. The ECM Authorization Control Message 'may be inserted into the stream of data that circulates as a shift control register R. In this manner, the invention avoids the recording of decoded audiovisual information in the cassette. To play the cassette, the card is reinserted into the decoder, the key C2 is used to decode the ECM Authorization Control Message 'and the subsequently extracted control word Ce is used to control the decoder to order the program to see it . In the system shown in Figure 5, the smart card 4004 is different from the smart card 3020 shown in Figure 2 of the television system and which contains the encryption keys necessary to view the program. However, in the alternative embodiment shown in Figure 6, the smart card 3020 contains the first and second encryption keys Cex and C2 necessary to view and record the program. As shown, the Cex key controls the decryption of the Authorization Control Message to generate the control word Ce used by the computer D to view the program and subsequently encrypted by the key C2 to form the new ECM7 Authorization Control Message. algorithms DCh 1 and DCh2 have not been shown for reasons of space. The smart card 3020 in fact also starts with the custom key Cg (not shown) allowing the decryption of Authorization Management Messages to obtain the Cex key of that month stored in the memory of the card. Although the smart card has been shown in the form of a substantially rectangular card, other physical forms such as key shapes, etc. are also possible. The Authorization Control Message transmitted with the program and decrypted by the card may also contain U credit units subsequently stored in the card and which control the number of times a recorded movie can be viewed. In the simplest mode, the credit units can be reduced during the playback of the recorded movie each time an ECM Authorization Control Message goes through the decoder. Once the number of credits has been reduced to zero, indicating that the recording has been viewed a predetermined number of times, a message is sent to the decoder to prevent the movie from being seen again, unless the credit units are reloaded (for example, a charge instruction sent in an Authorization Management Message). In alternative modalities, the credit units can be reduced every ten or one hundred messages of ECM Authorization Control Message '. In additional modalities, the credit units may correspond to certain sections of the film (for example, the first or last 10 minutes of the movie) so that these network sections will play the credit units associated with the films. same. These sections can be identified by placing ECM Authorization Control Message messages' accordingly. A further embodiment of the invention is shown in the Figure 7. In this embodiment, the generation of the new EM M 'Authorization Management Message is controlled by an integrated circuit 4008 which has the second encryption key C2 and is inserted in the cassette g rabado 4006. The incorporation of a microprocessor in the housing of the recording medium is a known technique and has been suggested for example in the case of DVHS cassettes. In this example, a set of metal contacts can be provided on an outer surface of the cassette housing, the contacts going to an electronic circuit, such as an integrated circuit inside the housing. These contacts can be coupled by a corresponding series of contacts in the recorder's receptacle to allow communication between the integrated circuit and the video recorder. As will be appreciated, although it is direct to copy the recorded (and mixed) digital data, the data stored in the integrated circuit can not be copied and, as with the previous modalities, the mixed data will be useless without the C2 key necessary to open the Message of ECM Authorization Control 'to obtain the control word used by the computer. As will be understood, in all the described embodiments, the elements of the receiver / decoder and the digital recording device can be combined or interchanged, so that the digital recorder has a smart card slot to receive a smart card, for example, and / or the elements necessary to order the program once the control word Ce has been extracted from the ECM message '. The decoder and / or digital recorder may also be integrated together with other devices, such as a television for example.

Claims

RECIPE N D ICACIO NES 1. A method for transmitting and recording encrypted digital information in which the digital information is encrypted by a first key and transmitted in encrypted form, the encrypted information is received by a decoder that has access to an equivalent of the first necessary key to decrypt the information and characterized in that the decrypted information is subsequently re-encrypted by a key password stored in a portable support device adapted to be received by the decoder or an associated digital recorder, the re-encrypted information is subsequently recorded on the digital recording medium by the digital recorder.
2. A method according to claim 1, in which the digital information corresponds to a control word for ordering mixed digital data, the mixed digital data is transmitted together with the control word encrusted by the first key, the word control is then decrypted by the first key eq uivalent and re-encrypted by the second key, and the re-encrypted control word and the mixed data are then recorded in the digital recording medium.
3. A method according to claim 1 or 2, wherein the portable support device is a smart card adapted to be received in a smart card reader in the decoder and / or digital recorder.
4. A method according to claim 3, wherein the smart card also contains the equivalent of the first key used to decrypt the control word for the initial ordering of the data.
5. A method according to claim 3, wherein the second key is stored in a smart card different from the means used by the decoder to store the first key.
6. A method according to any of claims 3 to 5, wherein a single smart card and the second key are used to generate the re-encrypted control word for a plurality of recordings.
A method according to any of claims 3 to 6, wherein the smart card also contains a number of credit units to determine the number of times the recording can be played, the number of units is reduced with each partial or complete subsequent reproduction of the recording.
A method according to claim 7, wherein the credit units are associated with a particular segment of the recording so that reproducing a section of the recording reduces certain credits associated with that section.
9. A method according to claim 8, wherein the credit units are of a single type and are reduced with the reproduction of any section of the recording.
A method according to claim 1, in which the portable support is defined by the recording medium itself, the second key is stored in an integrated circuit inserted in the housing of the digital recording medium. eleven .
An apparatus adapted for transmission and recording of mixed digital data according to any of claims 1 to 10 comprising a transmitter for encrypting with a first key digital information and transmitting said information in encrypted form, a decoder for receiving the encrypted information and it has access to an equivalent of the first key necessary to decrypt the information, and a portable support device adapted to be received by the decoder or associated digital recorder and possess a second key to re-encrypt the decrypted information for subsequent transmission to a digital recording device for recording on a digital recording medium.
A decoder for the apparatus of claim 1 and adapted for use in the method of any of claims 1 to 10 including a receptacle for receiving a portable support device having a second key for re-encrypting decrypted information .
13. A decoder according to claim 12 integrated with a digital recording device for recording the re-encrypted information in a digital recording medium.