WO2006054844A1 - Method and apparatus for receiving broadcast content - Google Patents

Method and apparatus for receiving broadcast content Download PDF

Info

Publication number
WO2006054844A1
WO2006054844A1 PCT/KR2005/003766 KR2005003766W WO2006054844A1 WO 2006054844 A1 WO2006054844 A1 WO 2006054844A1 KR 2005003766 W KR2005003766 W KR 2005003766W WO 2006054844 A1 WO2006054844 A1 WO 2006054844A1
Authority
WO
WIPO (PCT)
Prior art keywords
content
key
user device
link
broadcast
Prior art date
Application number
PCT/KR2005/003766
Other languages
French (fr)
Inventor
Sung-Hyu Han
Myung-Sun Kim
Yong-Kuk You
Young-Sun Yoon
Bong-Seon Kim
Jae-Heung Lee
Original Assignee
Samsung Electronics Co., Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from KR1020040097998A external-priority patent/KR100772372B1/en
Application filed by Samsung Electronics Co., Ltd. filed Critical Samsung Electronics Co., Ltd.
Priority to EP05820471A priority Critical patent/EP1813050A4/en
Priority to CA002586215A priority patent/CA2586215A1/en
Priority to JP2007541095A priority patent/JP2008521275A/en
Publication of WO2006054844A1 publication Critical patent/WO2006054844A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/045Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/2803Home automation networks
    • H04L12/283Processing of data at an internetworking point of a home automation network
    • H04L12/2834Switching of information between an external network and a home network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60Digital content management, e.g. content distribution
    • H04L2209/601Broadcast encryption

Definitions

  • Apparatuses and methods consistent with the present invention relate to receiving broadcast content, and more particularly, to securely transmitting broadcast content to a user device even in an offline mode in which the user device is not connected to a content provider.
  • Digital content is transmitted from a content provider to a user.
  • the digital content must be protected such that only an authorized user who pays for the digital content and obtains a right therefor can use the digital content.
  • the digital content is encrypted using a content key and the content key is given to only authorized users.
  • FIG. 1 is a diagram illustrating a conventional method of receiving content via the
  • a content provider CP transmits the content to user devices Dl, D2, and D3 via the Internet 10. Since the user devices Dl through D3 are connected to the content provider CP via the Internet 10, bi-directional commu ⁇ nications can be made between the content provider CP and each of the user devices Dl through D3.
  • the content provider CP can protect the content from unauthorized users through user authentication that determines whether the user devices Dl through D3 are authorized devices, and by encrypting and transmitting the content and a content key.
  • the user devices Dl through D3 are over a home network HN of a user, the user can use the content in the user devices Dl through D3, free from attacks of unauthorized users.
  • FIG. 2 is a diagram illustrating a conventional method of receiving content via a broadcast channel 20.
  • a content provider CP transmits the content to user devices Dl, D2, and D3 via the broadcast channel 20.
  • the content is received via a digital broadcast receiver 12 which is referred to as a set-top box (STB), and transmitted to the user devices Dl through D3.
  • STB set-top box
  • the content provider CP cannot protect the content from unauthorized users through user authentication that determines whether the user devices Dl through D3 are authorized devices, and by encrypting and transmitting the content and a content key.
  • content protection such as the user authentication is not applicable to a scenario that digital broadcast content is received via a broadcast channel, i.e., a set-top box.
  • the set-top box has only functions of receiving digital broadcast content according to a predetermined broadcast protocol and transmitting the received digital broadcast content to the user devices Dl through D3 over a home network HN of a user. Therefore, when digital broadcast content is received using the set-top box, it is impossible to prevent an unauthorized user from obtaining the content.
  • the Federal Communications Commission has prescribed a standard for digital broadcast technology that a 1-bit broadcast flag must be included in high- definition (HD) content to be broadcast through U.S. digital broadcast systems and content protection must be activated to prevent an unauthorized user from using the content when the broadcast flag is 1, as of July 2005.
  • HD high- definition
  • the present invention provides a broadcast content receiving apparatus and method capable of allowing content to be reproduced in only an authorized user device even when bi-directional communications cannot be made between a content provider and the authorized user device.
  • An apparatus for receiving broadcast content can satisfy the standard for HD content that the HD content must include a broadcast flag as of July 2005, as prescribed by the FCC.
  • FIG. 1 is a diagram illustrating a conventional method of receiving content via the
  • FIG. 2 is a diagram illustrating a conventional method of receiving content via a broadcast channel
  • FIG. 3 is a block diagram of an apparatus for receiving broadcast content according to an exemplary embodiment of the present invention.
  • FIG. 4 is a block diagram of a user device according to an exemplary embodiment of the present invention.
  • FIG. 5 is a flowchart of a method of generating a link using a link generating unit according to an exemplary embodiment of the present invention
  • FIG. 6 is a flowchart of a method of generating a link using a link generating unit according to another exemplary embodiment of the present invention.
  • FIG. 7 is a flowchart of a method of generating a link using a link generating unit according to yet another exemplary embodiment of the present invention.
  • FIG. 8 is a flowchart of a method of receiving broadcast content according to an exemplary embodiment of the present invention.
  • an apparatus for receiving broadcast content comprising a receiving unit which generates the broadcast content from a broadcast stream received from a content provider via a broadcast channel; a content encrypting unit which encrypts the broadcast content using a content key; and a link generating unit which generates a secure link to a user device by exchanging link messages with the user device, the link generating unit transmitting the content key to the user device, via one of the link messages even when the apparatus is not connected to a content provider.
  • a first link message of the link messages comprises one of a public key of the user device and a public key of the apparatus
  • a second link message of the link messages comprises one of a private key of the apparatus, a secret key of the apparatus and a secret key of the user device.
  • the link generating unit counts a number of link request messages transmitted from the user device, compares a number of current links with a maximum number of available links, and controls the number of current links.
  • the link generating unit may transmit the content key to the user device by encrypting the private key of the apparatus using the public key of the user device, transmitting the encrypted private key to the user device via the second link message, encrypting the content key using the public key of the apparatus, and transmitting the e ncrypted content key to the user device.
  • the link generating unit may transmit the content key to the user device by encrypting the secret key of the apparatus using the public key of the user device, transmitting the encrypted secret key to the user device via the second link message, encrypting the content key using the secret key of the apparatus, and transmitting the encrypted content key to the user device.
  • the link generating unit may transmit the content key to the user device by receiving the secret key of the user device via the second link message, which is encrypted using the public key of the apparatus, encrypting the content key using the secret key of the user device, and transmitting the encrypted content key to the user device.
  • a method of receiving broadcast content comprising generating content from a broadcast stream received from a content provider via a broadcast channel; encrypting the content using a content key; and generating a secure link between a user device and a broadcast content receiving apparatus by exchanging link messages between the user device and the broadcast content receiving apparatus, and transmitting the content key to the user device via one of the link messages through the secure link when the broadcast content receiving apparatus is not connected to the content provider.
  • a first link message of the link messages comprises one of a public key of the user device and a public key of the broadcast content receiving apparatus
  • a second link message of the link messages comprises one of a private key of the broadcast content receiving apparatus, a secret key of the broadcast content receiving apparatus, and a secret key of the user device.
  • a computer readable recording medium for storing a program which executes the method of receiving broadcast content.
  • FIG. 3 is a block diagram of an apparatus 300 for receiving broadcast content according to an exemplary embodiment of the present invention.
  • the apparatus 300 which corresponds to a digital broadcast receiver STB, includes a receiving unit 310, a content encrypting unit 320, and a link generating unit 330.
  • the receiving unit 310 receives a broadcast stream 302 via a broadcast channel 30, and generates content 312 by extracting packets corresponding to a user's desired content from the broadcast stream 302 and combining the extracted packets.
  • the content encrypting unit 320 obtains encrypted content 322 by encrypting the content 312 using a predetermined content key 324.
  • the content key 324 may be generated by the content encrypting unit 320, or be externally generated and provided to the content encrypting unit 320. In any case, the content key 324 must be obtainable only by authorized users.
  • the content key 324 may be obtained by generating random numbers.
  • the content key 324 is securely transmitted to a user device Dl, D2, or D3 through the link generating unit 330.
  • the link generating unit 330 generates a secure link to the user device Dl, D2, or
  • the secure link is a path along which the content key 324 is exchanged between the digital broadcast receiver STB and each of the user devices Dl through D3. Devices, other than the digital broadcast receiver STB and the user devices Dl through D3, are not allowed to obtain the content key 324 through the secure link. Exchange of the link message 334 between the link generating unit 330 and each of the user devices Dl through D3 will later be described in detail with reference to FIGS. 5 through 7.
  • the link generating unit 330 may count the number of current links and limit the number of user devices to be connected to the digital broadcast receiver STB according to the number of current links.
  • FIG. 4 is a block diagram of a user device 400 according to an exemplary embodiment of the present invention.
  • the user device 400 which corresponds to the user device Dl, D2, or D3, receives broadcast content from a digital broadcast receiver STB and reproduces the broadcast content.
  • the user device 400 includes a content decrypting unit 410, a key generating unit 420, and a reproducing unit 430.
  • the content decrypting unit 410 receives encrypted content from the digital broadcast receiver STB, e.g., the content encrypting unit 320 of the apparatus 300 of FIG. 3, and obtains decrypted content 412 by decrypting the encrypted content 402 using a content key 426.
  • the content key 426 is generated by the key generating unit 420.
  • the key generating unit 420 receives an encrypted content key 332 from the digital broadcast receiver STB, e.g., the link generating unit 330 of the apparatus 300, by exchanging a link message 404 with the digital broadcast receiver STB. Exchange of the link message 404 between the user device 400 and the link generating unit 330 will later be described in detail with reference to FIGS. 5 through 7.
  • a method of generating a link by exchanging link messages between a link generating unit and a digital broadcast receiver, and transmitting a content key to a user device via the link, according to the present invention, will now be described with reference to FIGS. 5 through 7.
  • FIG. 5 is a flowchart of a method of generating a link using the link generating unit
  • FIG. 3 330 of FIG. 3 according to an exemplary embodiment of the present invention.
  • the link generating unit 330 receives a link message Request that requests a link of the user device 400 of FIG. 4 to the apparatus 300 of FIG. 3, and a public key Kpub_dev of the user device 400 of FIG. 4 from the key generating unit
  • the link generating unit 330 determines whether the maximum number of available links nc is greater than the number of current links n (operation 515). If the maximum number of available links lie is greater than the number of current links n, the method proceeds to operation 520. If not, a link message that rejects the link of the user device 400 to the apparatus 300 is transmitted to the user device 400 to reject the link of the user device 400 (operation 580).
  • the link generating unit 330 generates an encrypted private key
  • El E(Kpub_dev, Kpri_STB) by encrypting a private key Kpri_STB of the apparatus 300 using the public key Kpub_dev received in operation 510, and transmits the encrypted private key El to the key generating unit 420.
  • the key generating unit 420 reproduces the private key Kpri_STB of the apparatus 300 by decrypting the encrypted private key El, which is received in operation 520, using a private key Kpri_dev of the user device 400 (operation 530).
  • the link generating unit 330 generates an encrypted content key
  • E2 E(Kpub_STB, K_cont) by encrypting a content key K_cont using the public key Kpub_STB of the apparatus 300, and transmits the encrypted content key E2 to the key generating unit 420 (operation 540).
  • the key generating unit 420 reproduces the content key K_cont by decrypting the encrypted content key E2 using the private key Kpri_STB of the apparatus 300 reproduced in operation 530 (operation 550).
  • the key generating unit 420 transmits a link message Success that the content key K_cont is successfully reproduced to the link generating unit 330 (operation 560).
  • the link generating unit 330 increases the number of the current links n by one (operation 570), and the method proceeds to operation 510.
  • a content key is securely transmitted from a broadcast content receiving apparatus 300 to a user device 400 according to a public key in ⁇ frastructure (PKI). That is, the content key is securely transmitted to the user device 400, using private keys and public keys of a user device 400 and a broadcast content receiving apparatus 300. Even if a link message transmitted in operation 510, 520, or 540 is hacked by an external device, all the link messages are encrypted, and thus, the external device cannot reproduce a content key. Accordingly, the broadcast content receiving apparatus 300 can transmit the content key to the user device 400 via a secure link.
  • PKI public key in ⁇ frastructure
  • the broadcast content receiving apparatus 300 can securely transmit content to the user device 400 in an offline mode in which the user device 400 is not connected to a content provider CP, and therefore, satisfy the standard for digital broadcast technology that HD content must include a broadcast flag and content protection must be activated to prevent an unauthorized user from using the content when the broadcast flag is 1, as prescribed by the FCC.
  • operations 515, 560, 570, and 580 are optional. Inclusion of operations 515, 560, 570, and 580 makes it possible to limit the number of user devices in which content is reproduced, thereby preventing the content from being illegally spread.
  • FIG. 6 is a flowchart of a method of generating a link using the link generating unit
  • the link generating unit 330 receives a link message Request that requests a link of the user device 400 to the apparatus 300 and a public key Kpub_dev of the user device 400 from the key generating unit 420 of the user device 400 of FIG. 4 (operation 610).
  • the link generating unit 330 determines whether the maximum number of available links
  • the link generating unit 330 generates an encrypted secret key
  • El E(Kpub_dev, Ksec_STB) by encrypting a secret key Ksec_STB of the apparatus 300 using the public key Kpub_dev of the user device 400 received in operation 610, and transmits the encrypted secret key El to the key generating unit 420.
  • the key generating unit 420 reproduces the secret key Ksec_STB of the apparatus 300 by decrypting the encrypted secret key El received in operation 620 using a private key Kpri_dev of the user device 400 (operation 630).
  • the link generating unit 330 generates an encrypted content key
  • E2 E(Ksec_STB, K_cont) by encrypting a content key K_cont using the secret key Ksec_STB, and transmits the encrypted content key E2 to the key generating unit 420 (operation 640).
  • the key generating unit 420 reproduces the content key K_cont by decrypting the encrypted content key E2 using the secret key Ksec_STB generated in operation 630 (operation 650).
  • the key generating unit 420 transmits a message Success that the content key
  • K_cont is successfully reproduced to the link generating unit 330 (operation 660).
  • the link generating unit 330 increases the number of current links n by one (operation 670), and then, the method proceeds to operation 610.
  • a content key is securely transmitted, using a private key and a public key of a user device 400, and a secret key of a broadcast content receiving apparatus 300.
  • the method of FIG. 6 is different from the method of FIG. 5 in that the content key is transmitted from a broadcast content receiving apparatus 300 to a user device 400 according to a symmetrical key structure.
  • all link messages exchanged in operations 610, 620, and 640 of the method of FIG. 6 are encrypted and transmitted.
  • an unauthorized user cannot reproduce the content key, and thus, it is possible to securely transmit the content key from the broadcast content receiving apparatus 300 to the user device 400 via a secure link.
  • FIG. 7 is a flowchart of a method of generating a link according to yet another exemplary embodiment of the present invention.
  • the link generating unit 330 of the apparatus 300 of FIG. 3 receives, from the key generating unit 420, a link message Request that requests a link of the user device 400 of FIG. 4 to the apparatus 300 (operation 710).
  • the link generating unit 330 determines whether the maximum number of available links lie is greater than the number of current links n (operation 715). If the maximum number of available links lie is greater than the number of current links n, the method proceeds to operation 720. If not, a message that requests a link of the user device 400 to the apparatus 300 is transmitted to the user device 400 to reject the link of the user device 400 (operation 780).
  • the link generating unit 330 transmits a public key Kpub_STB of the apparatus 300 to the key generating unit 420 of the user device 400.
  • the key generating unit 420 generates an encrypted secret key
  • El E(Kpub_STB, Ksec_dev) by encrypting a secret key Ksec_dev of the user device 400 using the public key Kpub_STB of the apparatus 300 received in operation 720, and transmits the encrypted secret key El to the link generating unit 330 (operation 725).
  • the link generating unit 330 reproduces the secret key Ksec_dev of the user device 400 by decrypting the encrypted secret key El of the user device 400 received in operation 725 using the private key Kpri_STB of the apparatus 300 (operation 730).
  • the key generating unit 420 reproduces the content key K_cont by decrypting the encrypted content key E2 received in operation 740 using the secret key Ksec_dev of the user device 400 (operation 750).
  • the key generating unit 420 transmits a message Success that the content key
  • K_cont is successfully reproduced to the link generating unit 330 (operation 760).
  • the link generating unit 330 increases the number of current links n (operation
  • a content key is encrypted using a secret key of a user device 400.
  • the secret key is a unique key that is allocated to a user device 400 and is not disclosed to external devices.
  • a broadcast content receiving apparatus 300 is capable of securely transmitting the content key to the user device 400 via a secure link.
  • FIG. 8 is a flowchart of a method of receiving broadcast content according to an exemplary embodiment of the present invention.
  • an apparatus for receiving broadcast content receives a broadcast stream via a broadcast channel, and reproduces the broadcast content from the broadcast stream (operation 810).
  • the apparatus encrypts the broadcast content reproduced in operation 810 using a predetermined content key, and transmits it to a user device 400 (operation 820).
  • the apparatus generates a secure link by exchanging link messages with the user device (operation 830).
  • a method of generating a secure link has been described with reference to FIGS. 5 through 7.
  • the apparatus transmits the predetermined content key to the user device via the secure link generated in operation 830 (operation 840).
  • a method of receiving broadcast content according to the present invention may be embodied as a computer program. Code and code segments of the computer program may be easily derived by computer programmers skilled in the art to which the present invention pertains.
  • the computer program may be stored in a computer-readable medium, and executed using a computer. Examples of the computer-readable medium include a magnetic recording medium, an optical recording medium, or even carrier waves (such as in transmission over the Internet).

Abstract

An apparatus for receiving broadcast content is provided. The apparatus includes a receiving unit generating the broadcast content from a broadcast stream received from a content provider via a broadcast channel; a content encrypting unit encrypting the broadcast content using a content key; and a link generating unit generating a secure link to a user device by exchanging link messages with the user device, and transmitting the content key to the user device via one of the link messages even when the apparatus is not connected to a content provider. A first link message of the link messages includes one of a public key of the user device and a public key of the apparatus, and a second link message of the link messages includes one of a private key of the apparatus, a secret key of the apparatus, and a secret key of the user device.

Description

Description METHOD AND APPARATUS FOR RECEIVING BROADCAST
CONTENT
Technical Field
[1] Apparatuses and methods consistent with the present invention relate to receiving broadcast content, and more particularly, to securely transmitting broadcast content to a user device even in an offline mode in which the user device is not connected to a content provider.
Background Art
[2] Digital content is transmitted from a content provider to a user. The digital content must be protected such that only an authorized user who pays for the digital content and obtains a right therefor can use the digital content.
[3] To prevent an unauthorized use of the digital content, the digital content is encrypted using a content key and the content key is given to only authorized users.
[4] Recent advancement in home network technology enables a user to own two or more user devices and content to be exchanged between two or more user devices. Thus, the user is likely to desire to use content in all their devices by paying for the content only once. However, when exchange of the content between devices is allowed, it is highly probable that an unauthorized user would obtain and use the content. For this reason, it is necessary to develop home network technology that permits exchange of content between an authorized user's devices but does not permit an unauthorized user to obtain or use the content.
[5] FIG. 1 is a diagram illustrating a conventional method of receiving content via the
Internet 10. Referring to FIG. 1, a content provider CP transmits the content to user devices Dl, D2, and D3 via the Internet 10. Since the user devices Dl through D3 are connected to the content provider CP via the Internet 10, bi-directional commu¬ nications can be made between the content provider CP and each of the user devices Dl through D3.
[6] Accordingly, the content provider CP can protect the content from unauthorized users through user authentication that determines whether the user devices Dl through D3 are authorized devices, and by encrypting and transmitting the content and a content key.
[7] If the user devices Dl through D3 are over a home network HN of a user, the user can use the content in the user devices Dl through D3, free from attacks of unauthorized users.
[8] FIG. 2 is a diagram illustrating a conventional method of receiving content via a broadcast channel 20. Referring to FIG. 2, a content provider CP transmits the content to user devices Dl, D2, and D3 via the broadcast channel 20. The content is received via a digital broadcast receiver 12 which is referred to as a set-top box (STB), and transmitted to the user devices Dl through D3.
[9] Since the content provider CP unilaterally transmits the content to the user devices
Dl through D3 via a broadcast signal, bi-directional communications cannot be made between the content provider CP and each of the user devices Dl through D3.
[10] In this case, the content provider CP cannot protect the content from unauthorized users through user authentication that determines whether the user devices Dl through D3 are authorized devices, and by encrypting and transmitting the content and a content key.
[11] Accordingly, content protection such as the user authentication is not applicable to a scenario that digital broadcast content is received via a broadcast channel, i.e., a set-top box. Specifically, in general, the set-top box has only functions of receiving digital broadcast content according to a predetermined broadcast protocol and transmitting the received digital broadcast content to the user devices Dl through D3 over a home network HN of a user. Therefore, when digital broadcast content is received using the set-top box, it is impossible to prevent an unauthorized user from obtaining the content.
[12] The Federal Communications Commission (FCC) has prescribed a standard for digital broadcast technology that a 1-bit broadcast flag must be included in high- definition (HD) content to be broadcast through U.S. digital broadcast systems and content protection must be activated to prevent an unauthorized user from using the content when the broadcast flag is 1, as of July 2005. Thus, it is urgent to develop a method and apparatus for securely obtaining and using digital broadcast content even in an offline mode in which a user device is not connected to a content provider via the Internet, and thus, bi-directional communications cannot be made between the content provider and the user device.
Disclosure of Invention
Technical Problem
[13]
Technical Solution
[14] The present invention provides a broadcast content receiving apparatus and method capable of allowing content to be reproduced in only an authorized user device even when bi-directional communications cannot be made between a content provider and the authorized user device.
Advantageous Effects [15] As described above, according to the present invention, it is possible to generate a secure link between a broadcast content receiving apparatus and a user device, and securely transmit broadcast content to the user device via the secure link even when the user device is not connected to a content provider.
[16] Also, it is possible to limit the number of user devices that can be linked to an apparatus to receive broadcast content, thereby controlling use of the broadcast content.
[17] An apparatus for receiving broadcast content can satisfy the standard for HD content that the HD content must include a broadcast flag as of July 2005, as prescribed by the FCC.
Description of Drawings
[18] FIG. 1 is a diagram illustrating a conventional method of receiving content via the
Internet;
[19] FIG. 2 is a diagram illustrating a conventional method of receiving content via a broadcast channel;
[20] FIG. 3 is a block diagram of an apparatus for receiving broadcast content according to an exemplary embodiment of the present invention;
[21] FIG. 4 is a block diagram of a user device according to an exemplary embodiment of the present invention;
[22] FIG. 5 is a flowchart of a method of generating a link using a link generating unit according to an exemplary embodiment of the present invention;
[23] FIG. 6 is a flowchart of a method of generating a link using a link generating unit according to another exemplary embodiment of the present invention;
[24] FIG. 7 is a flowchart of a method of generating a link using a link generating unit according to yet another exemplary embodiment of the present invention; and
[25] FIG. 8 is a flowchart of a method of receiving broadcast content according to an exemplary embodiment of the present invention.
Best Mode
[26] According to an aspect of the present invention, there is provided an apparatus for receiving broadcast content, the apparatus comprising a receiving unit which generates the broadcast content from a broadcast stream received from a content provider via a broadcast channel; a content encrypting unit which encrypts the broadcast content using a content key; and a link generating unit which generates a secure link to a user device by exchanging link messages with the user device, the link generating unit transmitting the content key to the user device, via one of the link messages even when the apparatus is not connected to a content provider. A first link message of the link messages comprises one of a public key of the user device and a public key of the apparatus, and a second link message of the link messages comprises one of a private key of the apparatus, a secret key of the apparatus and a secret key of the user device.
[27] The link generating unit counts a number of link request messages transmitted from the user device, compares a number of current links with a maximum number of available links, and controls the number of current links.
[28] The link generating unit may transmit the content key to the user device by encrypting the private key of the apparatus using the public key of the user device, transmitting the encrypted private key to the user device via the second link message, encrypting the content key using the public key of the apparatus, and transmitting the e ncrypted content key to the user device.
[29] The link generating unit may transmit the content key to the user device by encrypting the secret key of the apparatus using the public key of the user device, transmitting the encrypted secret key to the user device via the second link message, encrypting the content key using the secret key of the apparatus, and transmitting the encrypted content key to the user device.
[30] The link generating unit may transmit the content key to the user device by receiving the secret key of the user device via the second link message, which is encrypted using the public key of the apparatus, encrypting the content key using the secret key of the user device, and transmitting the encrypted content key to the user device.
[31] According to another aspect of the present invention, there is provided a method of receiving broadcast content, the method comprising generating content from a broadcast stream received from a content provider via a broadcast channel; encrypting the content using a content key; and generating a secure link between a user device and a broadcast content receiving apparatus by exchanging link messages between the user device and the broadcast content receiving apparatus, and transmitting the content key to the user device via one of the link messages through the secure link when the broadcast content receiving apparatus is not connected to the content provider. A first link message of the link messages comprises one of a public key of the user device and a public key of the broadcast content receiving apparatus, and a second link message of the link messages comprises one of a private key of the broadcast content receiving apparatus, a secret key of the broadcast content receiving apparatus, and a secret key of the user device.
[32] According to another aspect of the present invention, there is provided a computer readable recording medium for storing a program which executes the method of receiving broadcast content.
Mode for Invention
[33] FIG. 3 is a block diagram of an apparatus 300 for receiving broadcast content according to an exemplary embodiment of the present invention. The apparatus 300, which corresponds to a digital broadcast receiver STB, includes a receiving unit 310, a content encrypting unit 320, and a link generating unit 330.
[34] The receiving unit 310 receives a broadcast stream 302 via a broadcast channel 30, and generates content 312 by extracting packets corresponding to a user's desired content from the broadcast stream 302 and combining the extracted packets.
[35] The content encrypting unit 320 obtains encrypted content 322 by encrypting the content 312 using a predetermined content key 324. The content key 324 may be generated by the content encrypting unit 320, or be externally generated and provided to the content encrypting unit 320. In any case, the content key 324 must be obtainable only by authorized users. When using the content encrypting unit 320, the content key 324 may be obtained by generating random numbers. The content key 324 is securely transmitted to a user device Dl, D2, or D3 through the link generating unit 330.
[36] The link generating unit 330 generates a secure link to the user device Dl, D2, or
D3 by exchanging a link message 334 with the user device Dl, D2, or D3, and sends an encrypted content key 332 to the user device Dl, D2, or D3 using the secure link.
[37] The secure link is a path along which the content key 324 is exchanged between the digital broadcast receiver STB and each of the user devices Dl through D3. Devices, other than the digital broadcast receiver STB and the user devices Dl through D3, are not allowed to obtain the content key 324 through the secure link. Exchange of the link message 334 between the link generating unit 330 and each of the user devices Dl through D3 will later be described in detail with reference to FIGS. 5 through 7.
[38] Alternatively, the link generating unit 330 may count the number of current links and limit the number of user devices to be connected to the digital broadcast receiver STB according to the number of current links.
[39] FIG. 4 is a block diagram of a user device 400 according to an exemplary embodiment of the present invention. The user device 400, which corresponds to the user device Dl, D2, or D3, receives broadcast content from a digital broadcast receiver STB and reproduces the broadcast content. The user device 400 includes a content decrypting unit 410, a key generating unit 420, and a reproducing unit 430.
[40] The content decrypting unit 410 receives encrypted content from the digital broadcast receiver STB, e.g., the content encrypting unit 320 of the apparatus 300 of FIG. 3, and obtains decrypted content 412 by decrypting the encrypted content 402 using a content key 426. The content key 426 is generated by the key generating unit 420.
[41] The key generating unit 420 receives an encrypted content key 332 from the digital broadcast receiver STB, e.g., the link generating unit 330 of the apparatus 300, by exchanging a link message 404 with the digital broadcast receiver STB. Exchange of the link message 404 between the user device 400 and the link generating unit 330 will later be described in detail with reference to FIGS. 5 through 7. [42] A method of generating a link by exchanging link messages between a link generating unit and a digital broadcast receiver, and transmitting a content key to a user device via the link, according to the present invention, will now be described with reference to FIGS. 5 through 7. [43] FIG. 5 is a flowchart of a method of generating a link using the link generating unit
330 of FIG. 3 according to an exemplary embodiment of the present invention.
Referring to FIG. 5, the link generating unit 330 receives a link message Request that requests a link of the user device 400 of FIG. 4 to the apparatus 300 of FIG. 3, and a public key Kpub_dev of the user device 400 of FIG. 4 from the key generating unit
420 (operation 510). [44] Next, the link generating unit 330 determines whether the maximum number of available links nc is greater than the number of current links n (operation 515). If the maximum number of available links lie is greater than the number of current links n, the method proceeds to operation 520. If not, a link message that rejects the link of the user device 400 to the apparatus 300 is transmitted to the user device 400 to reject the link of the user device 400 (operation 580).
[45] In operation 520, the link generating unit 330 generates an encrypted private key
El=E(Kpub_dev, Kpri_STB) by encrypting a private key Kpri_STB of the apparatus 300 using the public key Kpub_dev received in operation 510, and transmits the encrypted private key El to the key generating unit 420.
[46] Next, the key generating unit 420 reproduces the private key Kpri_STB of the apparatus 300 by decrypting the encrypted private key El, which is received in operation 520, using a private key Kpri_dev of the user device 400 (operation 530).
[47] Next, the link generating unit 330 generates an encrypted content key
E2=E(Kpub_STB, K_cont) by encrypting a content key K_cont using the public key Kpub_STB of the apparatus 300, and transmits the encrypted content key E2 to the key generating unit 420 (operation 540).
[48] Next, the key generating unit 420 reproduces the content key K_cont by decrypting the encrypted content key E2 using the private key Kpri_STB of the apparatus 300 reproduced in operation 530 (operation 550).
[49] Next, the key generating unit 420 transmits a link message Success that the content key K_cont is successfully reproduced to the link generating unit 330 (operation 560).
[50] Thereafter, the link generating unit 330 increases the number of the current links n by one (operation 570), and the method proceeds to operation 510.
[51] In the method of FIG. 5, a content key is securely transmitted from a broadcast content receiving apparatus 300 to a user device 400 according to a public key in¬ frastructure (PKI). That is, the content key is securely transmitted to the user device 400, using private keys and public keys of a user device 400 and a broadcast content receiving apparatus 300. Even if a link message transmitted in operation 510, 520, or 540 is hacked by an external device, all the link messages are encrypted, and thus, the external device cannot reproduce a content key. Accordingly, the broadcast content receiving apparatus 300 can transmit the content key to the user device 400 via a secure link.
[52] Further, in the method of FIG. 5, the broadcast content receiving apparatus 300 can securely transmit content to the user device 400 in an offline mode in which the user device 400 is not connected to a content provider CP, and therefore, satisfy the standard for digital broadcast technology that HD content must include a broadcast flag and content protection must be activated to prevent an unauthorized user from using the content when the broadcast flag is 1, as prescribed by the FCC.
[53] In the method of FIG. 5, operations 515, 560, 570, and 580 are optional. Inclusion of operations 515, 560, 570, and 580 makes it possible to limit the number of user devices in which content is reproduced, thereby preventing the content from being illegally spread.
[54] FIG. 6 is a flowchart of a method of generating a link using the link generating unit
330 of the apparatus 300 of FIG. 3 according to another exemplary embodiment of the present invention. Referring to FIG. 6, the link generating unit 330 receives a link message Request that requests a link of the user device 400 to the apparatus 300 and a public key Kpub_dev of the user device 400 from the key generating unit 420 of the user device 400 of FIG. 4 (operation 610).
[55] Next, the link generating unit 330 determines whether the maximum number of available links
is greater than the number of current links n (operation 615). If the maximum number of available links lie is greater than the number of current links n, the method proceeds to operation 620. If not, a link message that rejects the link of the user device 400 to the apparatus 300 is sent to the user device 400 to reject the link of the user device 400 (operation 680). [56] In operation 620, the link generating unit 330 generates an encrypted secret key
El=E(Kpub_dev, Ksec_STB) by encrypting a secret key Ksec_STB of the apparatus 300 using the public key Kpub_dev of the user device 400 received in operation 610, and transmits the encrypted secret key El to the key generating unit 420.
[57] Next, the key generating unit 420 reproduces the secret key Ksec_STB of the apparatus 300 by decrypting the encrypted secret key El received in operation 620 using a private key Kpri_dev of the user device 400 (operation 630).
[58] Next, the link generating unit 330 generates an encrypted content key
E2=E(Ksec_STB, K_cont) by encrypting a content key K_cont using the secret key Ksec_STB, and transmits the encrypted content key E2 to the key generating unit 420 (operation 640).
[59] Next, the key generating unit 420 reproduces the content key K_cont by decrypting the encrypted content key E2 using the secret key Ksec_STB generated in operation 630 (operation 650).
[60] Next, the key generating unit 420 transmits a message Success that the content key
K_cont is successfully reproduced to the link generating unit 330 (operation 660).
[61] Thereafter, the link generating unit 330 increases the number of current links n by one (operation 670), and then, the method proceeds to operation 610.
[62] In the method of FIG. 6, a content key is securely transmitted, using a private key and a public key of a user device 400, and a secret key of a broadcast content receiving apparatus 300. The method of FIG. 6 is different from the method of FIG. 5 in that the content key is transmitted from a broadcast content receiving apparatus 300 to a user device 400 according to a symmetrical key structure. However, as in the method of FIG. 5, all link messages exchanged in operations 610, 620, and 640 of the method of FIG. 6 are encrypted and transmitted. Thus, an unauthorized user cannot reproduce the content key, and thus, it is possible to securely transmit the content key from the broadcast content receiving apparatus 300 to the user device 400 via a secure link.
[63] Similarly, operations 615, 660, 670 and 680 are optional.
[64] FIG. 7 is a flowchart of a method of generating a link according to yet another exemplary embodiment of the present invention. Referring to FIG. 7, the link generating unit 330 of the apparatus 300 of FIG. 3 receives, from the key generating unit 420, a link message Request that requests a link of the user device 400 of FIG. 4 to the apparatus 300 (operation 710).
[65] Next, the link generating unit 330 determines whether the maximum number of available links lie is greater than the number of current links n (operation 715). If the maximum number of available links lie is greater than the number of current links n, the method proceeds to operation 720. If not, a message that requests a link of the user device 400 to the apparatus 300 is transmitted to the user device 400 to reject the link of the user device 400 (operation 780).
[66] In operation 720, the link generating unit 330 transmits a public key Kpub_STB of the apparatus 300 to the key generating unit 420 of the user device 400.
[67] Next, the key generating unit 420 generates an encrypted secret key
El=E(Kpub_STB, Ksec_dev) by encrypting a secret key Ksec_dev of the user device 400 using the public key Kpub_STB of the apparatus 300 received in operation 720, and transmits the encrypted secret key El to the link generating unit 330 (operation 725).
[68] Next, the link generating unit 330 reproduces the secret key Ksec_dev of the user device 400 by decrypting the encrypted secret key El of the user device 400 received in operation 725 using the private key Kpri_STB of the apparatus 300 (operation 730).
[69] Next, the link generating unit 330 generates an encrypted content key E2=
E(Ksec_dev, K_cont) by encrypting a content key K_cont using the secret key Ksec_dev of the user device 400 generated in operation 730, and transmits the encrypted content key E2 to the key generating unit 420 (operation 740).
[70] Next, the key generating unit 420 reproduces the content key K_cont by decrypting the encrypted content key E2 received in operation 740 using the secret key Ksec_dev of the user device 400 (operation 750).
[71] Next, the key generating unit 420 transmits a message Success that the content key
K_cont is successfully reproduced to the link generating unit 330 (operation 760).
[72] Next, the link generating unit 330 increases the number of current links n (operation
770), and the method proceeds to operation 710.
[73] In the method of FIG. 7, a content key is encrypted using a secret key of a user device 400. The secret key is a unique key that is allocated to a user device 400 and is not disclosed to external devices. As in the methods of FIGS. 5 and 6, even when link messages transmitted in operations 710, 720, 725, and 740 are hacked by an external device, all the link messages are encrypted and thus do not allow the external device to reproduce the content key. Accordingly, a broadcast content receiving apparatus 300 is capable of securely transmitting the content key to the user device 400 via a secure link.
[74] Similarly in the methods of FIGS. 5 and 6, operations 715, 760, 770 and 780 are optional. [75] FIG. 8 is a flowchart of a method of receiving broadcast content according to an exemplary embodiment of the present invention. Referring to FIG. 8, an apparatus for receiving broadcast content receives a broadcast stream via a broadcast channel, and reproduces the broadcast content from the broadcast stream (operation 810).
[76] Next, the apparatus encrypts the broadcast content reproduced in operation 810 using a predetermined content key, and transmits it to a user device 400 (operation 820).
[77] Next, the apparatus generates a secure link by exchanging link messages with the user device (operation 830). A method of generating a secure link has been described with reference to FIGS. 5 through 7.
[78] Next, the apparatus transmits the predetermined content key to the user device via the secure link generated in operation 830 (operation 840).
[79] A method of receiving broadcast content according to the present invention may be embodied as a computer program. Code and code segments of the computer program may be easily derived by computer programmers skilled in the art to which the present invention pertains. The computer program may be stored in a computer-readable medium, and executed using a computer. Examples of the computer-readable medium include a magnetic recording medium, an optical recording medium, or even carrier waves (such as in transmission over the Internet).
[80] While this invention has been particularly shown and described with reference to exemplary embodiments thereof, it will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined by the appended claims.
Industrial Applicability
[81]
[82]

Claims

Claims
[1] 1. An apparatus for receiving broadcast content, the apparatus comprising: a receiving unit which generates the broadcast content from a broadcast stream received from a content provider via a broadcast channel; a content encrypting unit which generates the broadcast content using a content key; and a link generating unit which generates a secure link to a user device by exchanging link messages with the user device, the link generating unit transmitting the content key to the user device via one of the link messages even when the apparatus is not connected to a content provider, wherein a first link message of the link messages comprises one of a public key of the user device and a public key of the apparatus, and a second link message of the link messages comprises one of a private key of the apparatus, a secret key of the apparatus, and a secret key of the user device.
[2] 2. The apparatus of claim 1, wherein the link generating unit counts a number of link request messages transmitted from the user device, compares a number of current links with a maximum number of available links, and controls the number of current links.
[3] 3. The apparatus of claim 1, wherein the link generating unit transmits the content key to the user device by encrypting the private key of the apparatus using the public key of the user device, transmitting the encrypted private key to the user device via the second link message, encrypting the content key using the public key of the apparatus, and transmitting the encrypted content key to the user device.
[4] 4. The apparatus of claim 1, wherein the link generating unit transmits the content key to the user device by encrypting the secret key of the apparatus using the public key of the user device, transmitting the encrypted secret key to the user device via the second link message, encrypting the content key using the secret key of the apparatus, and transmitting the encrypted content key to the user device.
[5] 5. The apparatus of claim 1, wherein the link generating unit transmits the content key to the user device by receiving the secret key of the user device via the second link message, which is encrypted using the public key of the apparatus, encrypting the content key using the secret key of the user device, and transmitting the encrypted content key to the user device.
[6] 6. A method of receiving broadcast content, the method comprising: generating content from a broadcast stream received from a content provider via a broadcast channel; encrypting the content using a content key; and generating a secure link between a user device and a broadcast content receiving apparatus by exchanging link messages between the user device and the broadcast content receiving apparatus, and transmitting the content key to the user device via one of the link messages through the secure link when the broadcast content receiving apparatus is not connected to the content provider, wherein a first link message of the link messages comprises one of a public key of the user device and a public key of the broadcast content receiving apparatus, and a second link message of the link messages comprises one of a private key of the broadcast content receiving apparatus, a secret key of the broadcast content receiving apparatus, and a secret key of the user device.
[7] 7. The method of claim 6, wherein the generating the secure link comprises: determining a number of current links by counting a number of link request messages transmitted from the user device; and comparing the number of current links with a maximum number of available links, and controlling the number of current links.
[8] 8. The method of claim 6, wherein the generating the secure link comprises: encrypting the private key of the apparatus using the public key of the user device, and transmitting the encrypted private key to the user device via the second link message; and encrypting the content key using the public key of the apparatus, and transmitting the encrypted content key to the user device.
[9] 9. The method of claim 6, wherein the generating the secure link comprises: encrypting the secret key of the apparatus using the public key of the user device, and transmitting the encrypted secret key to the user device via the second link message; and encrypting the content key using the secret key of the apparatus, and transmitting the encrypted content key to the user device.
[10] 10. The method of claim 6, wherein the generating the secure link comprises: receiving via the second link message the secret key of the user device which is encrypted using the public key of the apparatus; encrypting the content key using the secret key of the user device; and transmitting the encrypted content key to the user device.
[11] 11. A computer readable recording medium for storing a program which executes a method of receiving broadcast content, the method comprising: generating content from a broadcast stream received from a content provider via a broadcast channel; encrypting the content using a content key; and generating a secure link between a user device and a broadcast content receiving apparatus by exchanging link messages between the user device and the broadcast content receiving apparatus, and transmitting the content key to the user device via one of the link messages through the secure link when the broadcast content receiving apparatus is not connected to the content provider, wherein a first link message of the link messages comprises one of a public key of the user device and a public key of the broadcast content receiving apparatus, and one of a private key, a secret key of the broadcast content receiving apparatus and a secret key of the user device.
PCT/KR2005/003766 2004-11-16 2005-11-08 Method and apparatus for receiving broadcast content WO2006054844A1 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
EP05820471A EP1813050A4 (en) 2004-11-16 2005-11-08 Method and apparatus for receiving broadcast content
CA002586215A CA2586215A1 (en) 2004-11-16 2005-11-08 Method and apparatus for receiving broadcast content
JP2007541095A JP2008521275A (en) 2004-11-16 2005-11-08 Broadcast content receiving apparatus and method

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US62796704P 2004-11-16 2004-11-16
US60/627,967 2004-11-16
KR1020040097998A KR100772372B1 (en) 2004-11-16 2004-11-26 Method and Apparatus for receiving a broadcast contents
KR10-2004-0097998 2004-11-26

Publications (1)

Publication Number Publication Date
WO2006054844A1 true WO2006054844A1 (en) 2006-05-26

Family

ID=36407361

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2005/003766 WO2006054844A1 (en) 2004-11-16 2005-11-08 Method and apparatus for receiving broadcast content

Country Status (3)

Country Link
EP (1) EP1813050A4 (en)
CA (1) CA2586215A1 (en)
WO (1) WO2006054844A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2768201A1 (en) * 2013-02-15 2014-08-20 Samsung Electronics Co., Ltd Content receiving device and method for receiving encoded content, content supplying device and method for supplying encoded content

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6636968B1 (en) * 1999-03-25 2003-10-21 Koninklijke Philips Electronics N.V. Multi-node encryption and key delivery
US20040059939A1 (en) * 2002-09-13 2004-03-25 Sun Microsystems, Inc., A Delaware Corporation Controlled delivery of digital content in a system for digital content access control
US20040133908A1 (en) * 2003-01-03 2004-07-08 Broadq, Llc Digital media system and method therefor

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6636968B1 (en) * 1999-03-25 2003-10-21 Koninklijke Philips Electronics N.V. Multi-node encryption and key delivery
US20040059939A1 (en) * 2002-09-13 2004-03-25 Sun Microsystems, Inc., A Delaware Corporation Controlled delivery of digital content in a system for digital content access control
US20040133908A1 (en) * 2003-01-03 2004-07-08 Broadq, Llc Digital media system and method therefor

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2768201A1 (en) * 2013-02-15 2014-08-20 Samsung Electronics Co., Ltd Content receiving device and method for receiving encoded content, content supplying device and method for supplying encoded content

Also Published As

Publication number Publication date
EP1813050A1 (en) 2007-08-01
CA2586215A1 (en) 2006-05-26
EP1813050A4 (en) 2008-07-09

Similar Documents

Publication Publication Date Title
JP4482266B2 (en) Method and apparatus for managing symmetric keys in a communication network
JP4814339B2 (en) Constrained encryption key
US8160246B2 (en) Apparatus and method for generating a key for broadcast encryption
US7933414B2 (en) Secure data distribution
US20060104442A1 (en) Method and apparatus for receiving broadcast content
US8694783B2 (en) Lightweight secure authentication channel
JP6452205B2 (en) Key distribution in satellite systems
CA2487057A1 (en) Apparatus for entitling remote client devices
KR101675332B1 (en) Data commincaiton method for vehicle, Electronic Control Unit and system thereof
US20050010769A1 (en) Domain authentication method for exchanging content between devices
CN104735484A (en) Method and device for playing video
CN108964886B (en) Communication method comprising encryption algorithm, communication method comprising decryption algorithm and equipment
KR20030019340A (en) Method and apparatus for secure transmission of data
KR100284482B1 (en) Data encryption method
KR20170032210A (en) Data commincaiton method for vehicle, Electronic Control Unit and system thereof
KR20070081404A (en) Broadcast transmitting system and broadcast receiving apparatus
JP4447908B2 (en) Local digital network and method for introducing new apparatus, and data broadcasting and receiving method in the network
US20060104440A1 (en) Simplified method for renewing symmetrical keys in a digital network
US20120257751A1 (en) Controlled security domains
WO2006054844A1 (en) Method and apparatus for receiving broadcast content
CA2849174C (en) System and method for the safe spontaneous transmission of confidential data over unsecure connections and switching computers
KR101204648B1 (en) Method for exchanging key between mobile communication network and wireless communication network
KR100950457B1 (en) Method of implementing sac protocol for unidirectional mobile device
KR20070017426A (en) Method for generating link
CN113890733A (en) Gateway system based on safety communication

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KM KN KP KZ LC LK LR LS LT LU LV LY MA MD MG MK MN MW MX MZ NA NG NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SM SY TJ TM TN TR TT TZ UA UG UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU LV MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 2586215

Country of ref document: CA

WWE Wipo information: entry into national phase

Ref document number: 2005820471

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 2007541095

Country of ref document: JP

WWE Wipo information: entry into national phase

Ref document number: 200580039132.4

Country of ref document: CN

NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 891/MUMNP/2007

Country of ref document: IN

WWP Wipo information: published in national office

Ref document number: 2005820471

Country of ref document: EP