MXPA00005722A - Method for protecting the audio/visual data across the nrss inte rface - Google Patents
Method for protecting the audio/visual data across the nrss inte rfaceInfo
- Publication number
- MXPA00005722A MXPA00005722A MXPA/A/2000/005722A MXPA00005722A MXPA00005722A MX PA00005722 A MXPA00005722 A MX PA00005722A MX PA00005722 A MXPA00005722 A MX PA00005722A MX PA00005722 A MXPA00005722 A MX PA00005722A
- Authority
- MX
- Mexico
- Prior art keywords
- smart card
- key
- signal
- generating
- seed value
- Prior art date
Links
- 230000000007 visual effect Effects 0.000 title claims abstract description 16
- 238000000926 separation method Methods 0.000 claims description 10
- 230000001808 coupling Effects 0.000 claims description 3
- 238000010168 coupling process Methods 0.000 claims description 3
- 238000005859 coupling reaction Methods 0.000 claims description 3
- 230000015572 biosynthetic process Effects 0.000 claims description 2
- 238000005755 formation reaction Methods 0.000 claims description 2
- 230000002708 enhancing Effects 0.000 abstract 1
- 230000004075 alteration Effects 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- CFKMVGJGLGKFKI-UHFFFAOYSA-N P-Chlorocresol Chemical compound CC1=CC(O)=CC=C1Cl CFKMVGJGLGKFKI-UHFFFAOYSA-N 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 238000006073 displacement reaction Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000000737 periodic Effects 0.000 description 1
- 230000001360 synchronised Effects 0.000 description 1
Abstract
A systemfor enhancing the security of the interface between a consumer electronic device and a removable security device is provided by protecting the audio/visual (A/V) stream descrambled in the removable security device. The protection involves dynamically computing a shared key followed by the rescrambling of the A/V stream.
Description
METHOD FOR PROTECTING AUDIO / VISUAL DATA THROUGH THE NRSS INTERFACE Field of the Invention This invention relates to a system for improving the security of the interface between a consumer electronic device and a removable security device such as the interface defined by the National Renewable Safety Standard (NRSS). Security is improved by protecting the audio / visual (A / V) current that is separated by the removable security device, such as a smart card, coupled to the consumer electronic device. Examples of consumer electronic devices that use NRSS smart cards include digital television receivers, digital video tape recorders as well as separate devices or "boxes" that can be placed on top of or coupled to a television receiver, i.e. , boxes on top of the device. BACKGROUND OF THE INVENTION A concern of the digital consumer electronics products that are currently emerging is the ability to access a simple text (ie, blank) digital bit stream that allows someone to make unauthorized digital copies of the text. bitstream. The National Renewable Safety Standard (NRSS) (EIA-679) developed by the Electronic Industries Alliance provides a means to employ renewable safety in relation to digital consumer electronic devices (CE), for example, digital television receivers, digital recorders of video tapes and boxes on top of the device. Renewable security allows the development of conditional access systems that can be replaced, updated or recovered with minimal cost and effort. Commonly, a service provider will mix (or encrypt) the signal before it is transmitted. A conditional access device (CA) (for example, a N RSS smart card) can be used to separate (or decrypt) the signal and route it to the main device. However, a problem with the NRSS architecture is that the audio / visual stream (A / V) is sent to the main device (for example, a display device or a box on top of the device) of the blank smart card. That is, the audio / visual stream is not mixed in the conditional access device. Therefore, a person can monitor this line and use a data capture device to record all the data. Brief Description of the Invention This invention resides, in part, in the recognition of the problem described and, in part, in providing a solution to the problem. Generally, the present invention defines a method for protecting the audio / visual output current of a smart card by receiving a mixed signal from an external source to said smart card, generating a separation key in response to said received signal, separating said signal received using said separation key to generate a separate signal, receive data from such an external source, generate a mixing key in response to said received data, mix such a separate signal using said mixing key to generate a remixed signal, provide the mentioned signal remixed to said external source. In accordance with one aspect of the present invention, the received data is an encrypted key mixed using a public key associated with said smart card and wherein the step of generating such a mixing key comprises decrypting such an encrypted key using a private key associated with said smart card, such private key is stored in said smart card. In accordance with one aspect of the present invention, the mixing key comprises a seed value and the step of mixing the separate signal by generating a random sequence in response to the seed value, and generating the remixed signal by the exclusive formation of a ring O-shaped of said random sequence and such a separate signal. In accordance with another aspect of the present invention, the received mixed signal comprises video, audio and control packets and the seed value is generated, in the external source, in a unique manner in response to said video, audio and control packets. In accordance with another aspect of the present invention, the smart card verifies the seed value by comparing the seed value with a subsequent seed value generated uniquely in response to the video, audio and control packets. In accordance with yet another aspect of the present invention, the seed value is generated using one of the group of video, audio and control packets by exclusively forming an O-ring of said video, audio and control packets together . In accordance with yet another aspect of the present invention, a first seed value is generated in the smart card and the received data is a second seed value. The step of generating such a mixing key comprises generating said mixing key in response to said first and second seed values. In accordance with yet another aspect of the present invention, a system for managing access between a service provider and a host device having a smart card coupled is provided. The main device performs the steps of: receiving a mixed signal from the service provider, sending, to the smart card, a seed value generated in the main device and encrypted using a public key of the smart card, coupling the received signal to the smart card, and receive the remixed signal from the smart card. The smart card has a means for access control processing, comprising means for generating a separation key in response to the received signal, means for separating the received signal using the separation key to generate a separate signal, means for decrypting the signal. encrypted seed value using a private key of the smart card to provide the seed value, means for generating a random sequence in response to the seed value and means for mixing the separated signal using the random sequence and the separated signal to generate a signal remixed These and other aspects of the invention will be explained with reference to a preferred embodiment of the invention shown in the accompanying drawings. BRIEF DESCRIPTION OF THE DRAWINGS Figure 1 is a block diagram of an exemplary implementation of a system for improving the security of the interface between a consumer electronic device and a renewable security device in accordance with the invention.; and Figure 2 is a schematic block diagram illustrating the flow of the signal of Figure 1. Detailed Description of Drawings When a conditional access device (or smart card (SC)) receives a transmitted signal (ie, a program or event) that is mixed (or encrypted), the conditional access device can be used to separate (or decrypt) the signal. The National Standard for Renewable Security (NRSS) provides a means to implement renewable security in relation to smart cards used with digital electronic consumer devices, such as digital television receivers (DTV), digital video tape recorders (DVCR) as como as separate devices or "boxes" that can be placed on top of or coupled to a television receiver, ie boxes on top of the apparatus (STB). A potential problem with the NRSS architecture is that the audio / visual stream (A / V) is not mixed when it leaves the smart card. This provides a point at which the security of the conditional access system can be violated because someone could monitor and derive the output of the smart card and use a data capture device to record all the simple text data. The present invention provides an improvement to protect the connection between the smart card and the consumer electronic device. These smart cards include ISO 7816 cards that have a card body with a plurality of terminals configured on a surface in accordance with the National Renewable Security Standard (NRSR) Part A or PCMC IA cards that comply with the NRS Part B. In Figure 1, a system 10 for protecting the audio / visual stream of the consumer electronic device 100 using the N RSS 200 smart card is shown. These consumer electronic devices or main devices 100 include digital televisions, digital tape recorders and video or boxes on top of the device. The smart card 200 is inserted into or coupled to a smart card reader 105 included or coupled to the main device 100; the bus 150, internal to the main device 100, interconnects the main device 100 and the smart card 200 thus allowing the transfer of data between them. The main device 100 is connected to a cable, satellite or transmission service provider (SP) 300 via a link 350. The protection system of the present invention will be described in relation to the system 10 as shown in Figures 1 and 2. For the protection of the NRSS interface (ie, the return path), the processing of audio / visual data in accordance with this invention includes re-mixing the simple text audio / visual data on the smart card. A requirement of the manufacturers of consumer electronic devices for the design of a conditional access system is to avoid the permanent storage of any secrets in the main device. Therefore, the remixing key can not be exchanged using an architecture where a shared or private secret key is inserted in the main one. The remixing key must be established dynamically without modifying the present architecture of the smart card drastically. A dynamic key is one that is generated at the moment in real time and is not fixed. The periodic generation (for example, every ten seconds) of new keys is normally needed to increase the robustness against cryptanalytic attacks. Two key establishment protocols can be considered for this purpose: 1) A key transport protocol (for example, public key encryption): A party creates the key to be shared and sends it safely to the other . 2) A key agreement protocol (for example, Diffie-Hellman): The shared key is derived by two parties as a function of data contributed by each of them. The key that is shared between the smart card and the main device can be used in a number of ways to mix the audio / visual stream before it is sent back to the main device. For example, block figures can be considered for remixing. Since the DES algorithm is commonly used to separate the incoming audio / visual stream, it could be used to re-mix the signal. However, a complex cipher medium in the main device would increase the cost and complexity of manufacturing. The current sync_ figures are appropriate for remixing. A synchronous current figure is a ^ in which the key current is generated in a way that is equal to the number of text and simple text messages. Although the design gives more practical current figures it is centered around linear feedback displacement registers (LFSRs) (ran - they are suitable for implementations of physical equipment, produce sequences with large periods and good statistical properties and are amenable to analysis). A variety of btro's approaches.
The key generator 1 10 can be started with the shared key to obtain the random sequence. The frequency of renewing the seed is an independent parameter of implementation. The seed, in general, will be different for each renewal, thus producing different random sequences to discourage cryptanalytic attacks. The general architecture of such a system is shown in Figure 2. Particularly, this invention, in one embodiment, provides dynamic generation of a key in the main device 100 using an RSA medium (Rivest, Shamir and Adelman). This key is shared with the smart card 200 and is used to remix the audio / visual stream before it leaves the smart card 200. The main device 100 and the smart card 200 contain RSA means for encryption and decryption. An RSA medium can be implemented using a co-processor (i.e., a microprocessor). As the public key of the smart card is available to the main device as well as to the service providers, the main device can use it to encrypt a mixing key before it is sent to the smart card. The protocol using the public key system RSA includes the encryption of the dynamic key in the main device 100 using the public key of the smart card 200. The encrypted dynamic key is transmitted to the smart card 200 and decrypted using the private key of the smart card. This is an asymmetric key system, where only public keys are stored in the box on top of the device, or digital television or digital video tape recorder. That is, the device does not save or contains any secrets (that is, private keys). The basis of public-key cryptography is the use of two related keys, one public and one private; the private key is impossible from the computational point of view to be deduced from the public key that is publicly available. Anyone with a public key can encrypt a message but only the person or device that has the default and associated private key can decrypt it. In another embodiment of the present invention, the main device 100 and the smart card 200 have different Diffie-Hellman means to generate a shared key. Neither the main device 100 nor the smart card 200 can generate the key alone. A first seed value generated in the smart card 200 is sent to the main device 100 and a second seed value generated in the main device 100 is sent to the smart card 200. Together, the main device 100 and the smart card 200 generate the shared key Both key establishment protocols are subject to attack if the primary device participating in the generation is not authenticated. An improvement is possible by generating the shared seed as a function of the transport stream transmitted to the card in an initial period of time. As audio / video packages are mixed, and Authorization Control Messages (ECMs) are encrypted, they can be used as functional arguments. This can provide implicit key authentication. For example, if the main device 100 and the smart card 200 have RSA means, and the main device has a copy of the public key, KSCp_bi¡ca, the main device can build the seed using a function of the video, audio packets and ECM: Shared seed: (random number | f (A, V, ECM)) As another example, if the main device 100 and the smart card 200 have Diffie-Hellman media and exchange the ax and ax keys, the exponent x is can build using a function of video, audio and ECM packets: (random number af (A, V, ECM)) g- where? = (NUMBER ALSATRÍO +
f (A, V, ECM) In both examples, the smart card 100 calculates the same functional value independently and compares it with the value sent by the main one. This effectively provides the authentication of the principal, preventing intruders from imitating the principal.
The function f = f (A, V, ECM) can be defined in different ways. Two possible definitions are: 1) f = group (A, V, ECM) 2) f = A x or V x or ECM It should be noted that these definitions can include more than three packages. The number and positions of the A, V and ECM packets in the stream are also part of the definition of the function. A unidirectional clustering algorithm, such as MD5 developed by Ron Rivest or SHA-1 developed by the National Institute of Standards and Technology (N IST) and the National Security Agency (NSA) can be used to determine the group function. " For more security, the seed needs to be renewed periodically. Renewal is possible by recalculating the function for each time interval. For example, the first packet found in each of the subcurrents A, V, and ECM in every 30 seconds can be used to generate a new stream of keys for mixing. Alternatively, packages can be numbered for synchronization between the master and the card. This invention provides protection against the copying of audio / visual streams protected by copyright in the transmission to the principal. Modified key establishment protocols can be used to prevent active attacks. Therefore, if the key is defined as a function of the MPEG-2 transport stream (ie, service packets and ECMs) the hacker would also need to have access to the stream and extract the required data from it. Although the invention has been described in detail with respect to numerous embodiments thereof, it will be apparent that by reading and understanding the foregoing, numerous alterations to the described embodiment will occur to those skilled in the art and are intended to include such alterations. in the scope of the appended claims.
Claims (19)
- CLAIMS 1. A method for protecting the audio / visual output current of a smart card comprises the steps of: (a) receiving a mixed signal from an external source to said smart card; (b) generating a separation key in response to such received signal; (c) separating said received signal using such a separation key to generate a separate signal; (d) receive data from said external source; (e) generating a mixing key in response to such received data; (f) mixing said separate signal using said mixing key to generate a remixed signal; (g) providing said remixed signal to said external source. The method of claim 1, wherein said received data is an encrypted mixing key using a public key associated with such a smart card and wherein the step of generating such a mixing key comprises decrypting such an encrypted mixing key using a key private associated with said smart card, such private key is stored in said smart card. The method of claim 2, wherein said mixing key comprises a seed value and wherein the step of mixing said separate signal comprises the steps of: (a) generating a random sequence in response to such seed value; and (b) generating said remixed signal by exclusively forming an O-ring of said random sequence and such a separate signal. The method of claim 3, wherein said received mixed signal comprises video, audio and control packets and said seed value is generated, in said external source, in a unique manner in response to said video, audio packets. And control. The method of claim 4, wherein said smart card verifies said seed value by comparing said seed value with a subsequent seed value generated in said unique manner in response to such video, audio and control packets. The method of claim 5, wherein said seed value is generated using such a group of video, audio and control packets. The method of claim 5, wherein said seed value is generated by exclusively forming an O-ring of said video, audio and control packets together. The method of claim 1, wherein said smart card has a card body having a plurality of terminals arranged on a surface of said card body in accordance with one of the ISO 7816 and PCMCIA card standards. 9. The method of claim 1, further comprising the step of generating, on said smart card, a first seed value, and wherein said received data is a second seed value. The method of claim 9, wherein the step of generating such a mixing key comprises generating such a mixing key in response to said first and second seed values. eleven . The method of claim 10, wherein said mixing key comprises a seed value and wherein the step of mixing said separate signal comprises the steps of: (a) generating a random sequence in response to such seed value; and (b) generating said remixed signal by exclusively forming an O-ring of said random sequence and such a separate signal. The method of claim 1, wherein said received mixed signal comprises video, audio and control packets and said first and second seed values are generated in a unique manner in response to said video, audio and control packets. . The method of claim 10, wherein said first and second seed values are generated using said group of video, audio and control packets. 14. The combination of claim 10, wherein said first and second seed values are generated by the exclusive formation of an O-ring of said video packets., audio and control together. 15. A system for managing access between a service provider and a main device that has a smart card coupled, said main device performs the steps of: (a) receiving a mixed signal from said service provider, (b) sending, to said smart card, a seed value generated in said main device and encrypted using a public key of said smart card, (c) coupling said received signal to said smart card, said smart card has a means for processing said access, said means for access control processing comprises means for generating a separation key in response to the received signal, means for separating said received signal using said separation key to generate a separate signal, means for decrypting such seed value encrypted using a private key of said smart card to provide the aforementioned seed value, means for generating a random sequence in response to such seed value and means for mixing said separate signal using said random sequence and such a separate signal to generate a remixed signal; and (d) receiving said remixed signal from said smart card. 16. The system of claim 15, wherein said public key is stored in said main device and said private key is stored in said smart card. The system of claim 16, wherein said main device is one of a digital television, a digital video tape recorder and a box on top of the digital apparatus. 18. A system for managing access between a service provider and a main device that has a smart card coupled, said main device performs the steps of: (a) receiving a mixed signal from said service provider, (b) sending , to said smart card, a second value of semil la; (c) coupling said received signal to said smart card, said smart card has a means for access control processing, said means for access control processing comprises means for generating a separation key in response to the received signal, means for separating said received signal using said separation key to generate a separate signal, means for generating a first seed value, means for generating a mixing key in response to said first and second seed values, and means for mixing said seed separate signal using said mixing key to generate a remixed signal; and (d) receiving said remixed signal from said smart card. 19. The system of claim 18, wherein said main device is one of a digital television, a digital video tape recorder and a box on top of the digital apparatus.
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US60/069,090 | 1997-12-10 | ||
| US60/086,567 | 1998-05-21 |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| MXPA00005722A true MXPA00005722A (en) | 2002-02-26 |
Family
ID=
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP1059001B1 (en) | Method for protecting the audio/visual data across the nrss inte rface | |
| JP4698106B2 (en) | System and method for copy protection of transmitted information | |
| KR100898437B1 (en) | Process of symmetric key management in a communication network, communication device and device for processing data in a communication network | |
| US6526144B2 (en) | Data protection system | |
| JP4409946B2 (en) | Interactive protocol for remote management to control access to scrambled data | |
| EP2461534A1 (en) | Control word protection | |
| KR20100092902A (en) | Securely providing a control word from a smartcard to a conditional access module | |
| US20110252440A1 (en) | Interoperability of set top box through smart card | |
| US7224806B2 (en) | Threshold cryptography scheme for conditional access systems | |
| KR100936458B1 (en) | Device for processing and method for transmitting data encrypted for a first domain in a network belonging to a second domain | |
| TWI448920B (en) | Methods for transmitting, receiving and identifying, security processor and information-recording carrier for these methods | |
| WO2002045337A2 (en) | Threshold cryptography scheme for conditional access systems | |
| US7529375B2 (en) | Method for processing encrypted data for first domain received in a network pertaining to a second domain | |
| US20050278524A1 (en) | Local digital network, methods for installing new devices and data broadcast and reception methods in such a network | |
| US20040047472A1 (en) | Threshold cryptography scheme for conditional access systems | |
| MXPA00005722A (en) | Method for protecting the audio/visual data across the nrss inte rface | |
| JP4932155B2 (en) | Tamper protection when sending keys | |
| Lee et al. | Efficient and secure communication between set-top box and smart card in IPTV broadcasting | |
| WO2020109623A1 (en) | Secured transmission of content | |
| Fei et al. | A method to prevent CW sharing in DTV CAS |