WO2007068820A1 - Processeur de securite et procedes d'inscription de titres d'acces et de cles cryptographiques - Google Patents
Processeur de securite et procedes d'inscription de titres d'acces et de cles cryptographiques Download PDFInfo
- Publication number
- WO2007068820A1 WO2007068820A1 PCT/FR2006/002710 FR2006002710W WO2007068820A1 WO 2007068820 A1 WO2007068820 A1 WO 2007068820A1 FR 2006002710 W FR2006002710 W FR 2006002710W WO 2007068820 A1 WO2007068820 A1 WO 2007068820A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- processor
- value
- message
- registration
- emm
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N7/00—Television systems
- H04N7/16—Analogue secrecy systems; Analogue subscription systems
- H04N7/167—Systems rendering the television signal unintelligible and subsequently intelligible
- H04N7/1675—Providing digital key or authorisation information for generation or regeneration of the scrambling sequence
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/45—Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
- H04N21/462—Content or additional data management, e.g. creating a master electronic program guide from data received from the Internet and a Head-end, controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabilities
- H04N21/4623—Processing of entitlement messages, e.g. ECM [Entitlement Control Message] or EMM [Entitlement Management Message]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/25—Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
- H04N21/266—Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
- H04N21/26606—Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing entitlement messages, e.g. Entitlement Control Message [ECM] or Entitlement Management Message [EMM]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N7/00—Television systems
- H04N7/16—Analogue secrecy systems; Analogue subscription systems
- H04N7/162—Authorising the user terminal, e.g. by paying; Registering the use of a subscription channel, e.g. billing
- H04N7/163—Authorising the user terminal, e.g. by paying; Registering the use of a subscription channel, e.g. billing by receiver means only
Definitions
- the present invention relates to a security processor and methods for registering access titles and cryptographic keys.
- ECM message ECM message
- EMM message access title
- access conditions ECM message
- a decryption module capable of decrypting the control word contained in an ECM message (Entitlement Control Message) to enable the scrambled multimedia signals to be descrambled
- a comparator able to compare access conditions contained in the received ECM message with the stored access titles and to prevent the descrambling of the multimedia signals if the access titles do not do not correspond to the access conditions received and to allow the descrambling of the scrambled multimedia signals if the stored access titles correspond to the access conditions received,
- EMM Entitlement Management Message
- These security processors are typically in the form of smart cards.
- the access credentials of a disposable security processor must not be able to be modified.
- the registration module for new access titles is permanently deactivated.
- the program stored in the ROM (Read OnIy Memory) of the disposable security processor does not include such a registration module.
- standard security processors There are also so-called "standard" security processors. Unlike disposable security processors, these are equipped with a registration module for new access titles. Thanks to this module, access titles can be updated regularly.
- a standard security processor is conventionally that used by a subscriber of the scrambled multimedia signal broadcasting operator. To obtain this result, when manufacturing the standard security processor, the program stored in the memory of the security processor includes a registration module fully operational and able to process EMM messages registration of new access titles.
- the manufacturing process of the standard security processors is not exactly identical to that of the disposable security processors since different programs are recorded in the ROMs of the various standard and disposable security processors.
- a decryption module capable of decrypting the control word contained in an ECM message (Entitlement Control Message) to enable the scrambled multimedia signals to be descrambled
- an encryption and / or decryption module capable of encrypting or decrypting other messages than the received ECM message containing the encrypted control word, a module for registering new cryptographic keys in the non-volatile rewritable memory in response to receiving an Entitlement Management Message (EMM) for registering new cryptographic keys.
- ECM Entitlement Management Message
- the invention aims to overcome this disadvantage by providing security processors simpler to manufacture.
- the subject of the invention is therefore a security processor comprising at least one rewritable lock whose value is switchable at least between a first and a second value in response to an EMM message, and a suitable registration module, in response to a same message EMM registration of new access titles, to allow and, alternatively, to prohibit this registration of new access titles depending on the value of the lock.
- the subject of the invention is also a security processor comprising at least one rewritable lock whose value is switchable at least between a first and a second value in response to an EMM message, and a suitable registration module, in response to a EMM registration message of a new cryptographic key, to allow and, alternatively, to prohibit this registration of new cryptographic keys according to the value of the lock.
- the same security processor can be configured, for example, to function as either a disposable security processor or a standard security processor.
- this configuration no longer needs to be performed during the manufacturing phase of the security processor.
- the configuration of the security processor as a disposable security processor or as a standard security processor can be performed during a customization phase of the security processor, or even during a security processor usage phase. in a subscriber decoder.
- the processor comprises a write module able to switch the value of the lock from the first value to the second value in response to an EMM message and to prevent the value of the lock of the second value from being switched to the first value whatever the following EMM messages received;
- the processor comprises a write module able to switch the value of the lock of the first value towards the second value in response to an EMM message only if the current date contained in this EMM message is earlier than an activation deadline recorded in the security processor;
- the processor includes a self-destruct module of the security processor so as to render it permanently unusable with all available decoders and in which an ECM or EMM message processing unit is able to compare the current date contained in an ECM or EMM message received at an absolute expiry date stored in the security processor and to automatically activate the self-destruct module only if the current date is later than the absolute expiry date.
- the embodiments of the security processors furthermore have the following advantages: the use of a lock write module capable of preventing the value of this lock from being switched, whatever the EMM message received, makes the modification of the operation irreversible registration module;
- the subject of the invention is also a method for registering access titles in the security processors above, this method comprising an authorization step and, alternatively, a step prohibition of this registration of new access titles according to the value of the lock.
- the subject of the invention is also a method for registering cryptographic keys in the security processor, this method comprising an authorization step and, alternatively, a step of prohibiting this registration of new cryptographic keys as a function of the value. lock.
- FIG. 1 is a schematic illustration of the architecture of a scrambled multimedia signal transmission system
- FIGS. 2A and 2B are a flowchart of a method for registering access titles and / or cryptographic keys in a security processor of the system of FIG. 1.
- FIG. 1 shows a system 2 for transmitting scrambled multimedia signals.
- Multimedia signals are, for example, audiovisual signals corresponding to audiovisual programs of television channels.
- the system 2 comprises a transmitter 4 of multimedia signals scrambled with a CW control word to a large number of receivers via an information transmission network 6.
- the network 6 is, for example, a wireless network as illustrated here or a long distance cable network.
- the transmitter 4 is able to send concomitantly with the scrambled multimedia signals ECM messages and EMM messages.
- FIG. 1 represents an example of part of the structure of an ECM message 12 and an EMM message 14.
- each ECM message includes:
- the access conditions 15 include, for example, an identifier 20 of the content of the multimedia signals scrambled with the control word CW, and a field 22 containing the current date.
- the current date is generated by the issuer 4.
- the means 18 is, for example, a cryptographic signature or a cryptographic redundancy produced by the transmitter 4.
- Each EMM message further comprises:
- a field 30 containing instructions for updating cryptographic keys and / or access titles
- the means 32 is, for example, identical to the means 18.
- the field 30 contains instructions for modifying the access titles. already registered in a security processor or to add new access titles.
- the field 30 contains instructions for modifying the cryptographic keys already stored in the security processor or for adding new ones.
- the receiver 8 is able to receive the scrambled multimedia signals as well as the ECM and EMM messages.
- the receiver 8 includes a decoder 40 associated with a security processor 42.
- the processor 42 is typically a removable processor such as a smart card that can be inserted into the decoder 40.
- the processor 42 communicates with the decoder 40 via a processor / decoder interface.
- the interface is formed of electrical connectors, each connector having a male element and a female element each secured to either the decoder or the processor.
- the interface between the decoder 40 and the processor 42 is, for example, in accordance with the ISO 7816 standard.
- the decoder 40 is here equipped with an antenna 44 to receive the different signals broadcast by the transmitter 4. This antenna 44 is connected to a block 46 of demultiplexing signals and, optionally, filtering these signals. At the output of this block 46, the scrambled multimedia signals are sent to a descrambler 48. The EMM and ECM messages are sent to the processor 42.
- the descrambler 48 is able to descramble the scrambled multimedia signals using the control word CW decrypted by the processor 42.
- the decoder 40 is connected to a device 50 for displaying descrambled multimedia signals such as, for example, a television set.
- the processor 42 is equipped with:
- non-volatile rewritable memory 54 in which the access titles are recorded
- non-volatile rewritable memory 56 in which cryptographic keys are recorded
- ROM Read OnYy Memory
- operating key 70 a cryptographic key, here called operating key 70, is illustrated as being stored in the memory 56.
- the operating key 70 is intended to decrypt the control word CW as it is received. in the ECM message before being transmitted to the descrambler 48.
- Locks 62 to 64 are, for example, predetermined areas of non-volatile rewritable memory 74.
- Locks 62 to 64 each store a value.
- the value of each of these latches is only switchable between a first value, here zero, and a second value, here one, in response to the receipt of an explicit write EMM message of the corresponding lock or as a result of the processing an EMM message.
- Locks 62 to 64 exist independently of access titles and cryptographic keys already registered or to be entered in the memories of the security processor. When the value of the lock 62 is equal to one, this means that the processor 42 behaves like a disposable security processor, that is to say that no new access title can be entered in the memory 54 and that no new cryptographic key can be registered in the memory 56.
- the processor 42 can accept to process only a small number of the functionalities of this EMM message, such as invalidations or deletions of data or the management of a confidential code of the user.
- the value of the lock 63 is equal to one, it means that a customization phase of the security processor has been completed.
- the customization phase is described in more detail with reference to FIG. 2.
- the value of this lock 63 is equal to zero, this means that the security processor has not yet been personalized.
- the processor 42 When the value of the lock 64 is equal to one, this means that the processor 42 behaves like a so-called "activatable" security processor.
- An activatable security processor behaves initially as a disposable security processor. Of all the functionalities of a possible EMM message, the processor 42 may only accept a small number of the functionalities of an EMM message. However, unlike a disposable security processor, this security processor can be transformed in response to an EMM message into a standard security processor.
- the processor 42 also includes a received ECM message processing unit 76 and a received EMM message processing unit 78.
- the unit 7 ⁇ notably comprises:
- the unit 76 is connected to the memories 54, 56 and 74.
- the unit 78 comprises in particular:
- a module 90 for writing in the lock 63 a module 94 for registering new access titles in the memory 54 in response to the receipt of an EMM message for registration of new access titles, and a module 96 for registering new cryptographic keys in the memory 56 in response to the receipt of an EMM registration message of new cryptographic keys.
- the unit 78 is connected to the memories 54, 56 and 74.
- the processor 42 includes a self-destructing module 100 of the processor 42.
- This module 100 is able to make the processor 42 permanently unusable.
- the module 100 is able to erase the contents of all the modules. rewritable memories and in particular to erase data allowing the processor 42 to operate.
- the module 100 can also use an internal function of the processor 42 for changing or deleting a primary cryptographic key that is used to decrypt the executable code stored in the memory 58.
- the units 76 and 78 are made using a programmable electronic computer capable of executing program instructions stored in the ROM 58.
- the memory 58 contains instructions for executing the method.
- Figures 2A and 2B when these instructions are executed by the programmable computer.
- FIGS. 2A and 2B The operation of the receiver 8 will now be described using FIGS. 2A and 2B in the particular case of the processor 42 and the decoder 40.
- the processor 42 is manufactured.
- the instructions needed to execute this method are stored in the memory 58.
- the default value of the locks 62 to 64 is equal to zero.
- Memories 54 and 56 are blank.
- the processor 42 is personalized, in a phase 122, by a trusted authority.
- This phase 122 essentially consists in recording in the various rewritable memories of the processor 42 the information necessary for its marketing and operation in a decoder.
- a sliding right is registered as an access title in the memory 54.
- a sliding right is a subscription-type access right, allowing access to certain programs for a certain period of validity.
- the sliding right has no validity period defined by an explicit start date and an explicit end date (or its duration).
- the sliding law is characterized by the following information:
- the number of days NBDAY defining a period during which the processor 42 can be used to descramble the multimedia signals of the operator of the transmitter 4;
- a duration DA (Activation Time) is stored in the memory 54.
- This duration DA defines the duration during which the processor 42 may be enabled to switch from an operating mode in which it behaves like a disposable security processor, to a new operating mode in which this processor behaves like a standard security processor.
- the processor calculates a date DLA (Date Limit Activation) equal to the date DFDF plus the duration DA. As long as this calculation has not been made, the DLA date has a default value corresponding to a very old date such as 01/01/1900 to prohibit activation.
- an operating key is also stored in the memory 56. This operating key is for example known to all the decoders of the same operator.
- parameters specific to the operator of the transmitter 4 are written in the rewritable memories.
- one of the parameters is a DPA (Absolute Expiration Date) date beyond which the processor 42 must destroy itself.
- lock write EMM messages 62 and 64 are sent to processor 42 to switch, if necessary, the value of locks 62 and 64.
- these messages The writing modules are processed by the writing modules 88 and 89.
- these write EMM messages sent during the personalization phase make it possible to configure the processor 42 so that it operates as a disposable security processor (value of the lock 62 equal to one) or as an activatable security processor ( value of the lock 62 equal to zero and value of the lock 64 equal to one) or else as a standard security processor (value of the lock 62 equal to zero and value of the lock 64 equal to zero).
- the combination of two locks 62 and 64 equal to one is further prohibited, a disposable processor not being activatable by definition.
- a lock write EMM message 63 is sent to the processor 42. This message is then processed by the write module 90 in order to memorize the value. "One" in the lock 63 signifying that the processor 42 has been customized.
- modules 88 and 90 allow write to locks 62 and 63 only if the value of lock 63 is different from one, ie if processor 42 has not been customized.
- the value of the latch 64 can only be switched to the zero value.
- the module 89 checks the value of the lock 63 before making such a write and prohibits the writing of the value "a" in this lock if the value lock 63 is equal to one, ie if the processor 42 has been customized.
- the personalized processor 42 is stored temporarily at an operator or at a distributor before being assigned to a subscriber. Then begins a phase 136 of use of the processor 42 in the decoder 40.
- the processor 42 is inserted into the decoder 40.
- the unit 76 executes an ECM message processing procedure 142 and, in parallel, the unit 78 executes an EMM message processing procedure 144 for writing new access titles and / or new cryptographic keys as well. a procedure 145 for processing the other EMM messages.
- the unit 78 receives an ECM message.
- step 148 the unit 76 checks whether the current date 22 is equal to or later than the DPA date. If so, in a step 150, the self-destruct module 100 is activated. Thus, in step 150, the processor 42 is rendered permanently unusable regardless of the decoder into which it can be inserted.
- the unit 76 checks, in a step 152, whether the access conditions 16 associated with the identifier 20 can be satisfied by the sliding right stored in the memory 54 of the processor 42. If so, the unit 76 proceeds with a step 154 in which it checks that the current date 22 contained in the processed ECM message is earlier than the DPDG date of the sliding right recorded in the memory 54 during the personalization phase.
- the sliding right is converted to a fixed duty whose start date is the current date 22, including the end date DFDF ( Fixed End Date) is calculated by adding to the current date the number of days NBDAY recorded in the memory 54 during the phase 122 and whose program identifier is the identifier stored in the memory 54 during the phase 122. After its conversion into a fixed right, the sliding right no longer exists in memory.
- DFDF Fixed End Date
- unit 76 also calculates the date DLA ( Activation Limit Date) and saves it in memory 54.
- the unit 76 determines whether the current date 22 of the ECM message is later than the DFDF date. If so, in a step 164 the descrambling of the multimedia signals is inhibited. For example, in step 164, the module 82 is deactivated, so that the cryptogram CW * is not decrypted, which makes the descrambling of the multimedia signals impossible.
- the unit 76 allows the descrambling of the multimedia signals during a step 160. More specifically, during step 160, the module 82 decrypts the cryptogram CW * using the operating key 70 to obtain the control word CW that it transmits to the descrambler 48. To descramble the scrambled multimedia signals, the descrambler 48 descrambles using the control word CW the scrambled multimedia signals before transmitting them to the device 50 for their display in the clear.
- step 152 the unit 76 establishes that the access conditions present in the ECM message received are not satisfied by the sliding right (for example, because there is no longer a sliding right in memory 54), then unit 76 proceeds to a step 162 in which it checks whether access conditions can be satisfied by another right stored in memory 54.
- the unit 76 allows the descrambling of the multimedia signals, and proceeds to the step 160 described above.
- the descrambling of the scrambled multimedia signals is inhibited, and proceed to the step 164 described above.
- step 160 the method returns to step 146 to receive and process the next ECM message.
- the unit 78 receives an EMM message for the registration of new access titles. Then, in a step 178, the unit 78 checks whether the current date 28 is equal to or later than the DPA date. If so, during a step 180, the self-destruction module 100 is activated. Thus, in step 180, the processor 42 is rendered permanently unusable whatever the decoder in which it can be inserted. If the current date contained in the processed EMM message is not subsequent to the DPA date, the module 94 then checks, in a step 182, whether the processor 42 should function as a disposable security processor. For this, during step 182, the module 94 checks whether the value of the lock 62 is equal to one. If so, in a step 184, the module 94 prohibits the registration of new access titles. For example, in step 184, the received EMM message is not processed, so that no new access title is written in the memory 54.
- the module 94 tests whether the value of the lock 64 is equal to zero. If so, this means that the processor 42 must function as a standard security processor and the module 94 allows, in a step 188, the registration of new access titles. Typically, in step 188, the module 94 stores in the memory 54 the new access titles contained in the received EMM message.
- the module 89 checks, during a step 190, that the current date contained in the received EMM message is before the DLA date. If so, in a step 192, the module 89 switches the value of the lock 64 from the value one to the zero value, which means that the processor 42 now behaves like a standard processor.
- step 192 the procedure 144 continues with the execution of step 188.
- the module 89 determines that the new rights registration EMM message has been received after the DLA date, then it proceeds to step 184 and the received EMM message is not processed, so that no new access title is entered in the memory 54.
- the processor 42 can be customized as a disposable security processor. In this mode of operation, the processor 42 must be inserted into a decoder before the DPDG date. Then once inserted in the decoder, the processor 42 allows to descramble the scrambled multimedia signals only during the duration NBDAY. At the end of this period, the processor 42 can not be transformed into a standard security processor and is therefore no longer usable.
- the processor 42 may also be customized to function as an activatable security processor. Under these conditions, after the first insertion into the decoder 40 before the DPDG date, the processor 42 behaves like a disposable processor. However, unlike a disposable security processor, it can be transformed before the DLA date into a standard security processor by switching the value of the lock 64 to the zero value.
- the processor 42 can also be configured during the phase 122 to function as soon as it is put into service as a standard security processor in which new access titles can freely be registered.
- step 176 the processor 42 receives a key registration EMM
- step 188 the processor 42 proceeds to write the new value of the operating key 70 in the memory 56 in step 184, the processor 42 does not perform any key registration
- the module 94 is replaced by the module 96.
- the processor 42 executes the procedure 145 to process an EMM other than an EMM for registration of access titles or registration of keys.
- the unit 78 receives this EMM message which is neither a registration message for new access titles nor a cryptographic key registration message. Then, it verifies, in a step 296, that the current date contained in this EMM message is earlier than the DPA date. In the opposite case, during a step 298, the unit 78 activates the self-destruction module 100. This step 298 is, for example, identical to the step 180.
- the unit 78 checks whether the security processor is a disposable processor. During this step 302, the unit 78 thus verifies that the value of the lock 62 is equal to one.
- the unit 78 checks whether the processor 42 is an activatable processor. During step 304, the unit 78 therefore checks whether the value of the lock 64 is equal to one.
- the unit 78 proceeds to a step 306, in which it verifies that the current date contained in the processed EMM message is earlier than the DLA date. If so, the activatable processor is transformed into a standard processor, in a step 308. Specifically, in step 308, the module 89 switches the value of the lock 64 from the value one to the zero value . This step 308 is, for example, identical to step 192. At the end of step 308, during a step 310, the received EMM message is processed.
- step 302 If in step 302, it is determined that the processor is a disposable processor, then the unit 78 proceeds to a step 312, in which the unit 78 checks whether the requested processing in the EMM message is part of the processing operations. Allowed for a disposable security processor. If so, unit 78 then proceeds to step 310. Otherwise, the received EMM message is not processed and the procedure returns to step 294.
- step 304 the unit 78 determines that the processor is not an activatable processor, i.e., it is therefore a standard security processor, then the unit 78 proceeds directly to step 310.
- step 306 the unit 78 determines that the current date of the received EMM message is later than the DLA date, then it proceeds to a step 314 in which it determines whether the requested processing in the received EMM message makes part of the authorized processes for an activatable security processor. If so, unit 78 then proceeds to step 310. Otherwise, unit 78 returns to step 194 without processing the received EMM message.
- step 310 the procedure 145 returns to step 294 to receive and process another EMM message.
- latches are used to configure the processor 42, either to function as a disposable security processor, or as an activatable security processor, or as a security processor standard.
- Other modes of operation can be set, which can lead to adding or removing locks, such as locks 62 and 64.
- the procedure 144 It is possible to modify the procedure 144 so that it processes either only EMM messages for the registration of new access titles or only EMM messages for registration of new keys. In this case, the EMM messages that are no longer processed by the procedure 144 are processed by the procedure 145. This simplifies the architecture of the processor 42. For example, as the case may be, the module 96 or the module 94 may be omitted. .
- Step 306 of FIG. 2B then also includes the verification that the type of the EMM message can produce the activation of the processor 42. This makes it possible, for example, to avoid activating the processor 42 when the operator sends it an EMM message for resetting a user's confidential code .
- the transmitter 4 sends the processor 42 an activation specific EMM message in response to which the module 89 switches the value of the lock 64 to the value zero.
- This activation specific EMM message does not include any new access title or new cryptographic key and allows, for example only, to configure the processor 42 so that it operates as a security processor. standard. Therefore, from the moment the value of lock 64 has been switched towards the zero value, new access titles or keys may be entered in the memory 54 in a manner similar to that described in the particular case where in the phase 122 the processor 42 is directly configured to function as a standard security processor.
- the activation may include the additional condition that the sliding right must have reached its end of validity.
- the unit 78 not only verifies that the current date present in the EMM message is earlier than the activation limit date DLA but also that the current date is later than the DFDF date of end of the fixed duty resulting from the sliding right if it exists.
- the various data such as the sliding right or the initial value of the locks 62 to 64 are entered in the processor 42 using EMM messages.
- the structure of these EMM messages, especially during the personalization phase, may be different from that described here by way of example.
- the EMM messages used during the personalization phase may comprise low-level instructions directly executable by the processor 42. However, whatever the structure of the EMM message used to modify the value of the locks, this one it is always received via the processor / decoder interface.
- this self-destruct condition can be limited to only ECM messages, that is to say only when the processor 42 is used to actually access a content. This simplifies the program of the processor 42.
- the self-destruction condition can be extended to the comparison of the date present in the ECM or EMM message with the date DLA, when it exists, the self-destruction being caused if the date DLA until which the processor 42 can be activated is exceeded.
Landscapes
- Engineering & Computer Science (AREA)
- Multimedia (AREA)
- Signal Processing (AREA)
- Databases & Information Systems (AREA)
- Computer Security & Cryptography (AREA)
- Storage Device Security (AREA)
- Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
Abstract
Description
Claims
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP06841914A EP1961225A1 (fr) | 2005-12-13 | 2006-12-12 | Processeur de securite et procedes d'inscription de titres d'acces et de cles cryptographiques |
US12/097,143 US8949623B2 (en) | 2005-12-13 | 2006-12-12 | Security processor and methods for registering access entitlements and cryptographic keys |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
FR0512600 | 2005-12-13 | ||
FR0512600A FR2894745B1 (fr) | 2005-12-13 | 2005-12-13 | Processeur de securite et procedes d'inscription de titres d'acces et de cles cryptographiques |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2007068820A1 true WO2007068820A1 (fr) | 2007-06-21 |
Family
ID=36950338
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/FR2006/002710 WO2007068820A1 (fr) | 2005-12-13 | 2006-12-12 | Processeur de securite et procedes d'inscription de titres d'acces et de cles cryptographiques |
Country Status (7)
Country | Link |
---|---|
US (1) | US8949623B2 (fr) |
EP (1) | EP1961225A1 (fr) |
KR (1) | KR20080075917A (fr) |
CN (1) | CN101331770A (fr) |
FR (1) | FR2894745B1 (fr) |
TW (1) | TW200742436A (fr) |
WO (1) | WO2007068820A1 (fr) |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FR2905543B1 (fr) * | 2006-08-30 | 2009-01-16 | Viaccess Sa | Processeur de securite et procede et support d'enregistement pour configurer le comportement de ce processeur. |
EP2124439A1 (fr) * | 2008-05-21 | 2009-11-25 | Nagravision S.A. | Méthode d'allocation et de gestion d'abbonements de réception de produits télédiffusés |
ES2394767T3 (es) * | 2009-06-26 | 2013-02-05 | France Telecom | Control del acceso a un contenido digital |
EP2566157A1 (fr) | 2011-09-02 | 2013-03-06 | Nagravision S.A. | Procédé d'optimisation de la réception de messages de gestion des droits dans un système de télévision payante |
US11334293B1 (en) * | 2021-01-28 | 2022-05-17 | EMC IP Holding Company LLC | Facilitating the implementation of cluster counters on lock value blocks in distributed file systems |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2004049141A2 (fr) * | 2002-11-27 | 2004-06-10 | Koninklijke Philips Electronics N.V. | Systeme de protection integre a une puce |
US20050198680A1 (en) * | 2001-12-27 | 2005-09-08 | Paul Baran | Conditional access method and apparatus of a receiver system for controlling digital TV program start time |
US20050236475A1 (en) * | 2002-03-08 | 2005-10-27 | Claudia Becker | Protocol for entering, disabling and/or erasing scrambled data access rights and the corresponding access control module |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6937729B2 (en) * | 1995-04-03 | 2005-08-30 | Scientific-Atlanta, Inc. | Representing entitlements to service in a conditional access system |
BR9815610A (pt) * | 1997-08-01 | 2004-06-22 | Scientific Atlanta | Verificação da fonte de informações de programa em sistema de acesso condicional |
US20020114465A1 (en) * | 2000-01-05 | 2002-08-22 | Shen-Orr D. Chaim | Digital content delivery system and method |
ATE319256T1 (de) * | 2000-10-26 | 2006-03-15 | Gen Instrument Corp | Anfängliche betrachtungsperiode für die autorisierung von multimedia-inhalten |
FR2833446B1 (fr) * | 2001-12-12 | 2004-04-09 | Viaccess Sa | Protocole de controle du mode d'acces a des donnees transmises en mode point a point ou point multi-point |
FR2835371B1 (fr) * | 2002-01-31 | 2004-04-16 | Viaccess Sa | Procede et dispositif de transmission de message de gestion de titre d'acces |
-
2005
- 2005-12-13 FR FR0512600A patent/FR2894745B1/fr not_active Expired - Fee Related
-
2006
- 2006-12-12 WO PCT/FR2006/002710 patent/WO2007068820A1/fr active Application Filing
- 2006-12-12 EP EP06841914A patent/EP1961225A1/fr not_active Withdrawn
- 2006-12-12 US US12/097,143 patent/US8949623B2/en not_active Expired - Fee Related
- 2006-12-12 TW TW095146354A patent/TW200742436A/zh unknown
- 2006-12-12 KR KR1020087016957A patent/KR20080075917A/ko not_active Application Discontinuation
- 2006-12-12 CN CNA2006800471357A patent/CN101331770A/zh active Pending
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050198680A1 (en) * | 2001-12-27 | 2005-09-08 | Paul Baran | Conditional access method and apparatus of a receiver system for controlling digital TV program start time |
US20050236475A1 (en) * | 2002-03-08 | 2005-10-27 | Claudia Becker | Protocol for entering, disabling and/or erasing scrambled data access rights and the corresponding access control module |
WO2004049141A2 (fr) * | 2002-11-27 | 2004-06-10 | Koninklijke Philips Electronics N.V. | Systeme de protection integre a une puce |
Non-Patent Citations (1)
Title |
---|
See also references of EP1961225A1 * |
Also Published As
Publication number | Publication date |
---|---|
TW200742436A (en) | 2007-11-01 |
KR20080075917A (ko) | 2008-08-19 |
US20090222676A1 (en) | 2009-09-03 |
US8949623B2 (en) | 2015-02-03 |
EP1961225A1 (fr) | 2008-08-27 |
CN101331770A (zh) | 2008-12-24 |
FR2894745B1 (fr) | 2008-02-08 |
FR2894745A1 (fr) | 2007-06-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP2060117B1 (fr) | Processeur de securite et procede et support d'enregistrement pour configurer le comportement de ce processeur | |
EP1829370B1 (fr) | Procédé de contrôle d'accès à des données à accès conditionnel | |
EP1766588B1 (fr) | Composant pour module de sécurité | |
EP1815681B1 (fr) | Unité de traitement de données audio/vidéo numériques et méthode de contrôle d'accès audites données | |
EP0723371B1 (fr) | Procédé de protection des messages de gestion d'un système de controle d'accès et dispositif pour sa mise en oeuvre | |
EP1917756B1 (fr) | Procede d'etablissement d'une cle de session et unites pour la mise en oeuvre du procede | |
EP0426541A1 (fr) | Procédé de protection contre l'utilisation frauduleuse de cartes à microprocesseur, et dispositif de mise en oeuvre | |
WO2006040482A2 (fr) | Dispositif et procede de reception d'informations embrouillees, et unite de desembrouillage, systeme de transmission d'informations et emetteur adaptes pour ce dispositif | |
WO2007068820A1 (fr) | Processeur de securite et procedes d'inscription de titres d'acces et de cles cryptographiques | |
EP1353511B1 (fr) | Procédé de gestion de droits d'accès à des services de télévision | |
EP0820193A2 (fr) | Procédé d'exploitation d'un appareil destiné à permettre l'accès à des services | |
EP1374586B1 (fr) | Systeme et procede de transmission d'informations chiffrees a cle chiffree | |
WO2004051390A2 (fr) | Dispositif susceptible d'utiliser un logiciel sécurisé interne ou externe et procédé d'utilisation correspondant | |
EP1419640B1 (fr) | Reseau numerique local, procedes d'installation de nouveaux dispositifs et procedes de diffusion et de reception de donnees dans un tel reseau | |
EP2098073B1 (fr) | Procédé de gestion du nombre de visualisations, processeur de securité et terminal pour ce procédé | |
FR2883683A1 (fr) | Procede d'appariement entre un terminal et un processeur de securite, systeme et programme informatique pour la mise en oeuvre du procede | |
FR2892259A1 (fr) | Systeme d'acces conditionnel perfectionne pour une securite accrue. | |
EP1468560A1 (fr) | Dispositif decodeur de donnees numeriques brouillees et procede de blocage du desembrouillage | |
FR2809915A1 (fr) | Procede d'enregistrement securise dans un decodeur de television | |
EP2326035B1 (fr) | Procédé de traitement par un module de sécurité de messages de contrôle d'accès à un contenu et module de sécurité associé | |
FR2850228A1 (fr) | Procede pour garantir l'integrite d'au moins un logiciel transmis a un module de chiffrement/dechiffrement et supports d'enregistrement pour mettre en oeuvre le procede | |
FR2835378A1 (fr) | Protocole de commande a distance d'une action locale de generation d'un message d'ordre |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WWE | Wipo information: entry into national phase |
Ref document number: 200680047135.7 Country of ref document: CN |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
WWE | Wipo information: entry into national phase |
Ref document number: 2006841914 Country of ref document: EP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2917/CHENP/2008 Country of ref document: IN |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
WWE | Wipo information: entry into national phase |
Ref document number: 1020087016957 Country of ref document: KR |
|
WWP | Wipo information: published in national office |
Ref document number: 2006841914 Country of ref document: EP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 12097143 Country of ref document: US |