WO2009129951A1 - Concept pour la distribution sécurisée d'informations - Google Patents

Concept pour la distribution sécurisée d'informations Download PDF

Info

Publication number
WO2009129951A1
WO2009129951A1 PCT/EP2009/002735 EP2009002735W WO2009129951A1 WO 2009129951 A1 WO2009129951 A1 WO 2009129951A1 EP 2009002735 W EP2009002735 W EP 2009002735W WO 2009129951 A1 WO2009129951 A1 WO 2009129951A1
Authority
WO
WIPO (PCT)
Prior art keywords
service
key
content
content key
message
Prior art date
Application number
PCT/EP2009/002735
Other languages
German (de)
English (en)
Inventor
Birgit Bartel-Kurz
Stefan KRÄGELOH
Markus Prosch
Rinat Zeh
Original Assignee
Fraunhofer-Gesellschaft zur Förderung der angewandten Forschung e.V
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Fraunhofer-Gesellschaft zur Förderung der angewandten Forschung e.V filed Critical Fraunhofer-Gesellschaft zur Förderung der angewandten Forschung e.V
Publication of WO2009129951A1 publication Critical patent/WO2009129951A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0485Networking architectures for enhanced packet encryption processing, e.g. offloading of IPsec packet processing or efficient security association look-up
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/088Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/23Processing of content or additional data; Elementary server operations; Server middleware
    • H04N21/234Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs
    • H04N21/2347Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs involving video stream encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/266Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
    • H04N21/26606Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing entitlement messages, e.g. Entitlement Control Message [ECM] or Entitlement Management Message [EMM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/44Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs
    • H04N21/4405Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs involving video stream decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/45Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
    • H04N21/462Content or additional data management, e.g. creating a master electronic program guide from data received from the Internet and a Head-end, controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabilities
    • H04N21/4623Processing of entitlement messages, e.g. ECM [Entitlement Control Message] or EMM [Entitlement Management Message]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00Television systems
    • H04N7/16Analogue secrecy systems; Analogue subscription systems
    • H04N7/167Systems rendering the television signal unintelligible and subsequently intelligible
    • H04N7/1675Providing digital key or authorisation information for generation or regeneration of the scrambling sequence
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60Digital content management, e.g. content distribution
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/062Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying encryption of the keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/101Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying security measures for digital rights management

Definitions

  • Embodiments of the present invention relate to a management message generator, a content key provider, a content and management message generator, a content providing and processing device, a system for encrypted transmission of a content key, a secure information distribution system, and related methods and computer program.
  • DVB digital audio and video broadcasting system
  • GSM mobile radio communication system
  • DMB digital multimedia system
  • IP internet protocol communication system
  • Digital rights management systems or DRM systems are processes that control the use and distribution of digital media. Above all digitally available film and sound recordings, but also in software, electronic documents, electronic books or electronic services, digital usage management is used. It allows providers who use such digital rights management systems Justiceskon ⁇ trolls of their data, new billing options, for example, by means of licenses or authorizations to use rights to data, instead of letting the data itself remunerated. Authors and recyclers often have an interest in controlling or restricting the distribution and use of their intellectual property even after their disclosure. A digital rights management system should help by allowing the use of data only in the framework defined by the respective rights holders, ie the license.
  • digital rights management systems are also used in many other areas, eg. In companies to protect documents, and are also referred to herein as corporate rights management systems.
  • Digital rights management systems are a technical security measure designed to give a copyright holder of information goods the technical means to enforce the use of his property by users on the basis of a previously agreed usage agreement.
  • digital rights management systems enable the exploitation of digital content beyond a flat-rate fee and allow individual licensing or billing by frequency, duration or scope of use.
  • unlimited use can be restricted, on the other hand, business models are made available on request that were previously difficult to realize.
  • Examples of digital rights management systems are the OMA DRM 1.0 and 2.0 system of the "Open Mobile Alliance” standard, the “ISMA Encryption and Authentication” system of the Internet Streaming Media Alliance standard, and the ETSI “EUROCRYPT” system. Standards EN 50094.
  • OMA DRM 1.0 and 2.0 system of the "Open Mobile Alliance” standard the "ISMA Encryption and Authentication” system of the Internet Streaming Media Alliance standard
  • ETSI "EUROCRYPT” system ETSI "EUROCRYPT” system.
  • Standards EN 50094 EN 50094.
  • there are a large number of proprietary digital rights management systems eg "Fair play" of the offerer Apple, "Windows Media DRM" of the offerer Microsoft.
  • digital rights management systems could also be used in many other areas, such as the automotive sector, ie play a greater role in software protection or online navigation or embedded systems.
  • Digital rights management systems realize the idea of access control of digital content using cryptographic techniques. This is realized by an arbitrary digital content is bound by encryption clearly to a license. Without the valid license associated with the digital content, the user may purchase the device or disc and digital content, but may not access the content.
  • the content management computer manages the digital content to be protected and encrypts it for use in a digital rights management system, making the content unreadable for the time being.
  • the license management computer Upon request, the license management computer generates the required licenses together with the corresponding keys for user authentication and content decryption, which are calculated from the corresponding identifiers. If the user wants to access protected content, and there is a bidirectional connection between digital rights management control and license management computer, the digital rights management controller requests from the license management computer the license necessary for reproduction. If the authenticity and integrity of the replay program have been successfully verified, the contents are decrypted with the key contained in the license, made readable in this way, and passed on to the replay program.
  • Access systems or access encryption systems also known as CA-systems are, for example, the systems employed during loading ⁇ paid television for encryption and decrypted seiung the program contents, which are now used in digital radio / radio systems and vehicle assistant systems.
  • CA-systems For a recipient to be able to decrypt the contents, he needs a constantly changing control word. It is the task of the conditional access systems to send this control word to the recipient and to address only certain recipients.
  • the provider sends parallel to the user data separate data packets as administrative messages or "ECM messages.”
  • ECM messages administrative messages
  • a correspondingly authorized recipient can calculate the currently valid control word and transmit it to the content decoder, which can decrypt the received content.
  • an access authorization system for example by means of an authorization card tied to the customer, is mapped in the form of a "smart card” and a customer-anonymous access authorization module.
  • the module filters out the packets with administrative messages from the data stream and uses the given information in conjunction with the authorization card to calculate the corresponding check word.
  • the logic of the conditional access system is distributed on the one hand to the module and the other on the authorization card. It is customary to keep customer-specific data on the authorization card and to make it non-readable by third parties.
  • the methods send administrative messages containing management commands about the incoming data stream. These management messages, also known as EMM commands, are used to selectively activate or deactivate the loyalty cards. There is also the possibility of granting the customer more or less rights with regard to individual offer packages without the customer having to exchange the entitlement card.
  • Examples of digital conditional access systems are the “Betacrypt” and the “Betacrypt 2" system for digital Pay-TV, which was developed for an application called “D-Box”, the “Video Guard” system for pay-TV, broadband television and mobile applications, and the “Nagra Vision Aladin” system, which offers access authorization for both satellite and cable television.
  • receivers are usually not able to confirm received messages and are not always switched on, all messages must be sent repeatedly, for example, in order to ensure a high reception quality.
  • the access authorization messages are encrypted so securely that decryption without a valid access key is either not economically feasible or technically almost impossible.
  • different individual conditional access systems are separated from each other in such a way that they can not influence each other.
  • the contents are encrypted before distribution. Additional administrative messages distribute the usage rules and required cryptographic keys for decrypting the content to the users.
  • the content can be grouped into services.
  • the users of a service are a group of people. These can have different devices.
  • Typical terminals are z. A mobile phone, a personal digital assistance system, d. H. a PDA, a portable navigational assistance system, d. H. a PNA, a fixed or portable computer, d. H. a PC, a permanently installed receiver device in the car, d. H. an OEM device.
  • the terminal-side implementation and protection is the responsibility of the respective device manufacturer.
  • DAB / DMB digital radio systems
  • DAB / DMB digital radio systems
  • DRM and CA systems Digital rights management systems and conditional access systems are particularly vulnerable to attacks by unauthorized persons. B. want to compromise service key.
  • all terminals should be equipped with state-of-the-art security modules, eg with a crypto chip card or a SIM card for user identification
  • terminals do not have a uniform security standard.
  • the terminals used in digital rights management systems and conditional access systems differ in terms of their security standards, but also with regard to active lifetime, price, complexity, performance ("performance"), analysis options, user profile and manufacturer.
  • a personal digital assistive device i. H. a PDA
  • a permanently installed receiver device in the car d. H. an OEM device
  • a personal digital assistive device has a low active life and should have a low price, resulting in low complexity, low performance ("performance") and possibly good analysis capabilities. "For example, the user is young and interested in technology, he could be a potential To be an attacker.
  • a permanently installed receiver device, d. H. an OEM device, in a vehicle has a long active life, a high price, high complexity, high performance and poor analysis capabilities, the user is usually not a potential attacker.
  • DRM and CA systems digital rights management systems or access authorization systems
  • the multimedia content is encrypted with a symmetric content key that changes cyclically. Examples of such systems are in the Standards "OMA DRM V2.0 Extensions for Broadcast Support” of the "Open Mobile Alliance” Standardization or “ISMA Encryption and Authentication” of the "Internet Streaming Media Alliance” standardization or "Access Control System for the MAC / packet family EUROCRYPT", EN 50094
  • the content key should be available for decryption of the content, for example by encrypting the content key in encrypted form with a management credential encrypted with, for example, the service key
  • a service key has a long lifespan and may, for example, be the same for all terminals that are authorized for a specific service and that belong to the same security class.
  • Fig. 4a shows an example of the two standardizations OMA and EUROCRYPT.
  • the content key is referred to as the "Traffic Encryption Key (TEK)" for encrypting and decrypting the service content in OMA standardization, while the same is referred to in the EUROCRYPT standardization as "Control Word (CW) "(" control word ").
  • TEK Traffic Encryption Key
  • CW Control Word
  • the management message which transports the content key to the terminal, is referred to in the OMA standardization as "Short Term Key Message” and in the EUROCRYPT standardization as “Entitlement Control Message (ECM)" or authorization control message;
  • ECM Entitlement Control Message
  • SEK / PEK Service / Program Encryption Key
  • EUROCRYPT service key
  • the management message transporting the service key to the terminal is referred to in OMA standardization as a "long term key message” and in EUROCRYPT standardization as "entitlement Management Message (EMM) "or authorization management message.
  • FIG. 4b An example of the key hierarchy is shown in Figure 4b for OMA standardization.
  • the standardization distinguishes four different layers in the key hierarchy, which transport the encrypted content 442, the encrypted content key 432, the encrypted service key 422 and the device registration data 403: a first layer (layer 1) or registration layer 401, a second layer (layer 2) or Long-term key message layer 402, a third layer (layer 3) or short-term key message layer 403, and a fourth layer (layer 4) or content encryption layer 404.
  • the content 440 is encrypted in the content encryption layer 404 via a content encrypter 441 to an encrypted content 442 to a content decryptor 443 which reconstructs from the encrypted content 442 the content 444 corresponding to the original content 440.
  • the transmission of the encrypted content 442 may be directed or undirected, d. H. with indication of the recipient or without indication of the recipient or receivable for all recipients.
  • a content key 430 is necessary with which the content 440 is encrypted.
  • the content key 430 is generated in, or available to, the short-term key message layer 403. It is required to encrypt the content 440, but is simultaneously encrypted via the content key encrypter 431 into an encrypted content key 432 and transmitted over the Short-term key message layer 403 as encrypted content key 432.
  • the encrypted content key 432 is decrypted in a content key decryptor 433 and the reconstructed content key 434 corresponding to the content key 430 is used to decrypt the encrypted content 442 in the content decryptor 443.
  • a service key 420 is necessary as another key.
  • This service key 420 is created in the long-term key message layer 402 and is forwarded to the content key encrypter 431.
  • the service key 420 itself may be encrypted, with encryption taking place in a service key encryptor 421.
  • the service key encrypter 421 generates an encrypted service key 422 which is transmitted to the recipient.
  • the receiver has a service key decryptor 423 with which it can decrypt the encrypted service key 422 and thus has the reconstructed service key 424 corresponding to the service key 420 in order to decrypt the encrypted content key 432 in the content key decryptor 433.
  • a subordinate key 402 is required, which is generated in the registration layer 401 or is available to it.
  • the transmitter has device registration data 403 and a public device key 404.
  • the devices Regis Trie ⁇ approximate data 403 are encrypted with the public device key 404 in a RegistrleitersSchverschlüssler 405, and it is so, the subordinate key 402 generated.
  • the device registration data 403 is transmitted to the receiver, which generates the subkey 402 from the latter in a device registry data encrypter 406 using the private device key 407.
  • the subkey 402 is forwarded to the service key decryptor 423, which uses this key to reconstruct the service key 424 corresponding to the service key 420 from the encrypted service key 422.
  • the frequency with which key and content data is transferred varies from layer to layer.
  • the device registration data 403 is transmitted only when the device is registered.
  • the service key 420 in the long-term key message layer 402 is only rarely transmitted and is valid for a longer period or even fixed.
  • the content key 430 is frequently transmitted in the short-term key message layer 403, moreover, it changes at short intervals.
  • the content 440 is permanently or at least regularly transmitted in the content encryption layer 404.
  • the object of the present invention is to find a concept for the secure distribution of information that takes into account that the information is distributed to different terminals with different security standards and that contributes to the compromise of a device with low security standard not compromising others Devices with higher safety standards result.
  • the present object is achieved by a management message generator for generating at least two message parts carrying information for decrypting a content in terminals of different security classes, according to claim 1, or a method of generating the same, according to claim 23. Further, the object is achieved by a content key provider to the Providing a content key for decrypting data content based on a management message comprising a plurality of encrypted content keys, wherein the encrypted content keys are associated with different security classes according to claim 13, or a method of providing the content key according to claim 24. Further comprising the solution is a system for encrypted transmission of a content key, wherein the encryption mechanism is dependent on a security class assigned to the content key, according to claim 32.
  • the solution comprises a content and management message generator according to claim 25, a method for generating an encrypted content and a management message according to claim 27, a content preparation and further processing device according to claim 26, a method for providing a content key and decrypting a content according to Claim 28, a system for secure distribution of information according to claim 29 and a computer program according to claim 36.
  • a key idea of the invention is to assign different security classes to terminals and assign different service keys to an identical service depending on the security class. This gives devices of different security classes different service keys. Thus, compromising a low security class terminal, ie, obtaining its service key, will no longer be able to compromise a higher security class device with this service key because the higher security class device has been assigned a different service key. Furthermore, it is possible to centrally switch off services for terminal classes centrally at the transmitting end without this having any effect on terminals of other classes.
  • the concept described here classifies the terminals and introduces different service keys for identical services. It is intended to prevent the compromise of a device, ie analysis of the low-security service key, from compromising the entire digital rights management system or conditional access system (DRM and CA system).
  • security classes of terminals are defined, for example integer security classes from 1 to n.
  • the security classes can result from disclosed security criteria or be manufacturer-dependent proprietary security classes.
  • At least one security class can be assigned to each device.
  • the assignment can be done, for example, in the production process or at a later date. For example, if a terminal is assigned exactly one security class, this class applies to all services enabled for the terminal. Alternatively, depending on the service, different security classes can be assigned to a terminal. Each terminal can know its security class or its security classes.
  • different service keys can be allocated for an identical service and stored in the respective terminals.
  • the content keys and cryptographic methods used may be the same for devices of all security classes.
  • management messages can be generated and transmitted in parallel become. For example, they each contain an identification representing the security class and the content key encrypted with the corresponding service key. For different security classes, the coding of the administrative messages may be different.
  • multiple identifications that represent the security classes and multiple times the identical content keys can be transmitted. This can in each case be encrypted with the service key assigned to the respective identification.
  • the terminal knows, for example, its own security class and its assigned service key.
  • the assignment of the service keys can for example take place via the same channel as the content distribution by means of a management message.
  • a transmission by an external interactive channel or a pre-initialization in device manufacturing is possible.
  • the terminal can decrypt the currently valid content key.
  • the service content needs to be transmitted encrypted only once for all terminal types.
  • FIG. 1 is a block diagram of a management message generator according to an embodiment
  • FIG. 2 is a block diagram of a content key provider in accordance with an embodiment
  • FIG. 3a shows an example of a system consisting of two management message generators and four content key providers
  • Fig. 3b shows another example of a system consisting of two management message generators and four content key providers
  • Fig. 4a shows an example for designating the keys and corresponding key messages in the standardization for OMA and EUROCRYPT
  • Fig. 7 shows an embodiment of the management message carrying the content key with two
  • FIG. 8 shows an embodiment of a digital rights administration or access authorization system
  • the management message generator 100 comprises an encryption device 103 and a message generator 104.
  • the management message generator 100 generates management messages 105 that include the first message part 101 and the second message part 102.
  • the management messages 105 represent, for example, the short-term key messages 432 from FIG. 4 b, which can be used in the OMA standardization for transmitting the encrypted content key 432.
  • the management message generator 100 may replace the content key encrypter 431 indicated in FIG.
  • management message generator 100 may generate management messages 105 comprising a content key 106 in this embodiment, including a first message part 101 and a second message part Message part 102 include.
  • the content key 106 is supplied to an encryption device 103 which encrypts the content key 106 with a first service key 107 to a first encrypted content key 109 and encrypts the content key 106 with a second service key 108 to a second encrypted content key 110.
  • the service keys 107, 108 can originate from the long-term key message layer 402 analogously to FIG. 4b and are present, for example, at the input of the management message generator 100. It is also possible to generate the first and second service keys 107, 108 directly in the management message generator 100.
  • a difference from the concept according to FIG. 4b is that in the management message generator 100 according to FIG. 1 the content key 106 is not encrypted with a single service key 420 but with a first service key 107 and a second service key 108. Both service keys are assigned to different security classes. Thus, the first service key 107 is assigned to a first security class identifier 111. net and the second service key 108 assigned to a second security class identifier 112. While in the management message generator 100 of FIG. 1 the encryption device 103 encrypts the content key 106 with only two service keys 107, 108, in an alternative embodiment the encryption device 103 may encrypt the content key 106 with all the service keys associated with security classes. That is, for example, using nine different security classes, as indicated in FIG.
  • the content key 106 may be encrypted with nine different service keys. For n different security classes, the content key 106 may be encrypted with n different service keys.
  • the first security class identifier 111 is assigned to a first security class and the second security class identifier 112 is assigned to a second security class, wherein the first security class differs from the second security class.
  • the security class identifiers 111 and 112 are supplied to the management message generator 100 from the outside, for example, the security class identifiers 111, 112 may be created in the registration layer 401 as shown in FIG. 4b and supplied from there to the encryption device 103. However, it is also possible to generate or store the security class identifiers 111, 112 directly in the management message generator 100.
  • the message generator 104 generates, with the first encrypted content key 109, the second encrypted content key 110, the first security class identifier 111 and the second security classifier 112, a first message part 101 and a second message part 102 which the security class or the security class identifiers 111 and 112 and the encrypted content keys 109 and 110, respectively.
  • a first message subgenerator 113 generates the first message part 101 from the first encrypted content key 109 and the first security classifier 111, for example.
  • a second message subgenerator 114 generates the second message part 102 from the second encrypted content key 110 and the second security class identifier 112
  • message generator 104 may be implemented with additional message subgenerators that generate additional message portions corresponding to the additional security classes.
  • the administrative messages 105 include the respective message parts 101, 102 or further in further security classes. An example of such a management message is shown in Fig. 7, which will be explained later.
  • FIG. 2 is a block diagram of a content key renderer 200 according to an embodiment of the present invention.
  • the content key provider 200 for example, in the key hierarchy of FIG. 4b of the OMA standard, may correspond to the content key decryptor 433, which reconstructs the content key 434 from the short-term key message 432 carrying the encrypted content key.
  • the Wards thoughlbe ⁇ riding plate 200 decrypts one of the management message, encrypted content key contained 201, 204, 205, 206 and provides a decrypted content key 202 ready.
  • the management message 201 usually contains not only an encrypted ten content key, as is the case in the OMA standard, but it contains a plurality of different encrypted content keys, which are assigned, for example, the security classes.
  • the management message 201 in 9 security classes 9 comprises different encrypted content keys 204, 205, 206.
  • An encrypted content key 207 is generated in the means 203 for providing an encrypted content key from the management message 201.
  • the management message 201 in this embodiment comprises a plurality of encrypted content keys, represented here by a first encrypted content key 204, a second encrypted content key 205 and a last encrypted content key 206.
  • the means for providing an encrypted content key 203 determines from the management message 201 those A part having the corresponding encrypted content key corresponding to an attached security class information 208 or optionally a service information 209.
  • the security class information 208 indicates the first security class, for which reason the message with the first encrypted content key 204 (associated with the first security class) is selected from the management message 201, for example, and provided as an encrypted content key 207.
  • the provided encrypted content key 207 is decrypted in the means for decrypting the provided encrypted content key 210 with an associated service key 211, and the decrypted content key 202 is provided.
  • the security class information 208 with the management message 201 after the corresponding encrypted is obtained from a service type 213, wherein the means for providing a security class information 212 for a first service type 214 provides a first security class information 216 and provides a second security class information 217 for a second service type 215.
  • the provided security class information 208 comprising the first security class information 216 or the second security class information 217 is used to provide the encrypted content key 207 from the management message 201 in the means for providing an encrypted content key 203.
  • the content key provider 200 is implemented on a first terminal, for example.
  • This terminal is assigned a security class, for example according to the embodiment in FIG. 6. If this first terminal only uses a single service, it needs only a single security class, but in general it is possible to execute different services on the first terminal.
  • Each service can be assigned a different security class.
  • the service type 213 indicates which service is involved and allows an assignment of a security class assigned to the corresponding service type.
  • security class information 208 is determined from the service type 213 in the security class information providing means 212.
  • the means for providing security class information 212 may also be implemented outside the content key provider 200.
  • the service type 213 or the security class information 208 can either be present in the content key provider 200, or determined, for example, in the registration layer 401 of FIG. 4b and supplied to the content key provider 200, or transmitted to the recipient in the long term key message layer 402 of FIG. 4b, for example be transferred or in the form of device registration data 403 in the registration layer 401 to the receiver.
  • the service type 213 may comprise all possible service types, but it is also possible that the content key provider 200 will only be supplied with those service types that correspond to services that are also assigned to the respective mobile device.
  • the service type 213 is assigned a service key 211 needed for decrypting the encrypted content key 207 in the device for decrypting the provided encrypted content key 210 to provide the content key 202.
  • the service key 211 may be externally attached to the content key provider 200 and transmitted to the recipient via the long term key message layer 402 of FIG. 4b, or may be directly in the content key provider 200 or optionally determined from the service type 213 (corresponding to the dashed arrow line of FIG. 2) , For example, this may optionally be effected in the service key provider 218, which provides a first service key 219 for the first service type 214 and provides a second service key 220 for the second service type 215. Depending on the type of service 213 present, the service key 211 provided is then supplied to the means 210 for decrypting the provided encrypted content key 207.
  • the content key provider 200 may replace the content key decryptor 433 indicated in the key hierarchy of FIG. 4 b, the difference being that the content key provider 200 selects from a management message 201 the encrypted content key 207 associated with a security class designated by the respective one Service type is specified. That is, the content key provider 200 determines with the service key corresponding to the respective security class 212 of the service
  • each terminal type is assigned a different security class, and in addition, each type of service 213 may also have a different security class
  • FIG. 3a shows a system comprising two management message generators 300, 320 and four content key providers 334, 337, 338, 339.
  • a management message generator 300 generates the management messages 302, 322 for a first service.
  • Associated with the first service is a first content key 301, from which a first management message 302 is generated in the administrative originator for the first service 300.
  • the first management message 302 comprises a first encrypted content key 303 and a second encrypted content key 304.
  • a first service key 305 having a first security class identifier 306 and a second service key 307 having a second security class identifier 308 are present at the management message producer for the first service 300, so that the management service producer for the first service 300 generates the management message 302 with all the encrypted content keys 303, 304. which correspond to the security class identifiers 306, 308 for which the first service is enabled.
  • the service key 309 is 3a is generally grouped or linked with two indices according to the designation in FIG.
  • the first index 310 identifies the service and the second index 311 identifies the security class 212
  • the first service having two security classes 212 are assigned and thus two service keys 305 and 307 are present at the management message generator for the first service 300.
  • the content key 301 for the first service may also be encrypted with multiple service keys 305, 307 of the corresponding security classes 306, 308.
  • the first management message 302 comprises a plurality of encrypted content keys 303, 304, depending on for how many security classes 212 the first service with the first content key 301 is enabled. That is, the first management message 302 then includes as many elements as security classes 212 are defined for the first service.
  • the elements designate the encrypted content keys 312 which have the service as the first index 313 and the security class 212 as the second index 314.
  • the security classifier 315 may also be described as having two indices, where the first index 316 designates the service and the second index 317 designates the security class 212.
  • the second service is serviced with the second service management message generator 320 and provides a second management message 322 from a second content key 321.
  • the second message service manager 320 has a third service key 325 with a corresponding third security class identifier 326 and a fourth service key 327 with an associated fourth security class identifier 328.
  • the service keys 325, 327 and the security class identifiers 326, 328 are designated with two indices, the index for the Service 310 has a 2 corresponding to the second service and wherein security class 311 has a 1 for the third service key 325 and a 2 for the fourth service key 327.
  • Another embodiment in this regard is given in the following Fig. 3b.
  • Fig. 3a from the first content key 301 and the second content key 321, a first management message 302 and a second management message 322 are generated, which are supplied to the recipients.
  • the system consists on the receiver side of four content key providers 334, 337, 338, 339, wherein two terminals 330, 342 are shown, each having two content key providers 334, 337, 338, 339.
  • a first terminal 330 is assigned two services in this embodiment.
  • the first service needs the first content key 301, which can be reconstructed in the first terminal 330.
  • the second service needs the second content key 321, which can also be reconstructed in the first terminal 330.
  • the first service content key 301 may be provided in the first terminal 330 from the received management message 333 by the first service content key provider 334 on the first terminal.
  • the management message 333 comprises the first encrypted content key 303, the second encrypted content key 304, the third encrypted content key 335, and the fourth encrypted content key 336. That is, the management message 333 in this embodiment includes all the encrypted content keys designated by the management message producer for the first service 300 and the second service management message generator 320 corresponding to the unlocked security classes for the two services.
  • the management message 333 may be searched for the associated encrypted content key 303 which may be decrypted with the associated service key 305.
  • the security class identifier 306 and the service key 305 are assigned to the first service type on the first terminal 330 in this example.
  • the content key provider for the first service on the first terminal 334 provides the first content key 301 from the management message 333.
  • a second content key 321 may be reconstructed.
  • the management message 333 has a similar structure, i. H. it comprises a first encrypted content key 303, a second encrypted content key 304, a third encrypted content key 335 and a fourth encrypted content key 336.
  • the second service content key provider 337 on the first terminal searches the management message 333 by the security class identifier associated with the second service type 326 after the associated encrypted content key 335.
  • the encrypted content key 335 associated with the second service type on the first terminal 330 is decrypted with the associated second service service key 325 on the first terminal 330, and the second service content key provider 337 on the first terminal provides the second content key 321.
  • a content key provider 338 for the first service is implemented on the second terminal and a content key provider 339 for the second service on the second terminal.
  • the management message 333 may be received by the In ⁇ halt key provider 338 for the first service to the second terminal and means zuge Anlageni ⁇ accordingcorerichnidentifizierer 308, the first Service type for the second terminal 342 is searched for the encrypted content key 304.
  • the found encrypted content key 304 may be decrypted with the associated first service service key 307 on the second terminal so that the first key content key provider 338 may provide on the second terminal a first content key 301 necessary for decrypting the first service ,
  • the management message 333 may be received by the content key provider and searched for the corresponding encrypted content key 336 by means of associated security classifier 328 assigned to the second service type on the second terminal 342.
  • the encrypted content key 336 may be decrypted by means of associated service key 327 assigned to the second service on the second terminal.
  • the second service content key provider 339 on the second terminal provides the second content key 321 to decrypt the content of the second service on the second terminal 342.
  • the system in this embodiment includes two management message generators 300, 320 that generate for two services management messages 302, 322 that include the respective encrypted content keys 303, 304, 335, 336.
  • different encrypted content keys 303, 304, 335, 336 are used depending on service 313 and security class 314.
  • administrative messages 302, 322 are generated which include encrypted content keys 303, 304, 335, 336 for all services offered and for all security classes that can be assigned to existing terminals.
  • On the receiver side from the management message 333 of the individual encrypted content keys associated with the security class identifier of the corresponding terminal.
  • Fig. 3b shows an embodiment of a block diagram having the same structure as the block diagram of the embodiment of Fig. 3a.
  • the management message generator for the first service 300 assigns different encrypted content keys 304, 345 to the generated management message 349, as compared to the example of FIG. 3a, different service keys 307, 343 and security class identifiers 308, 344 at the first 300 management message generator issue.
  • the first service management message generator 300 may generate from the first content key 301 a management message 349 including an encrypted content key 304 associated with the second security class 314 for the first service 313, and an encrypted content key. 345 assigned to the sixth security class 314 for the first service 313.
  • the management message 349 may be issued in response to the service key 307 assigned the second security class 311 for the first service 310 and the security class identifier 308 assigned the second security class 317 for the first service 316 and the service key 343 assigned to the sixth security class 311 for the first service 310 and the security class identifier 344 to which the sixth security class 317 for the first service 316 is assigned.
  • 320 may be from the second content key
  • the 321 generate a management message 350.
  • the administration The message message 350 may include an encrypted content key 346 corresponding to the fifth security class 314 for the second service 313 and an encrypted content key 347 corresponding to the ninth security class 314 for the second service 313.
  • the management message 350 may be obtained from the second content key 321 using the service key 375 assigned to the fifth security class 311 for the second service 310, and the security classifier 376 assigned to the fifth security class 317 for the second service 316 and Service key 377 associated with the ninth security class 311 for the second service 310, and the security class identifier 378 associated with the ninth security class 317 for the second service 316.
  • the system comprises a first terminal 360 and a second terminal 361, which are designed, for example, differently from the first terminal 330 and the second terminal 342 from FIG. 3a.
  • the first terminal 360 in this embodiment comprises a content key provider for the first service on the first terminal 361, as well as a content key provider for the second service on the first terminal 362.
  • the second terminal 361 comprises a content key provider for the first service on the second terminal 363 as well as a content key provider for the second service on the second terminal 364. All four content key providers receive the same management message 351, which is different from, for example, the management message 333 of the embodiment of FIG. 3a, since the two terminals of FIG 3b in this embodiment, other security classes are assigned as the terminals of Fig. 3a.
  • the management message 351 in this example comprises other encrypted content keys than the management message 333 of FIG. 3a, it is reconstructed the content key provider for the first service on the first terminal 361, however, the same first content key 301 for the first service, which is also reconstructed on the first terminal 330 in Fig. 3a.
  • the management message 351 can be searched for using the security class identifier 308, which is for example associated with the first service 316 on a device of the second security class 317, for the encrypted content key 304, which can be decrypted with the service key 307, for example the first service 310 on devices of the second security class 311.
  • the first content key 301 may be provided.
  • the content key provider for the second service on the first terminal 362 may include the management message 351 with the security class identifier 376, the second service 316 on devices of the fifth. Security class 317, searching for the encrypted content key 346, and decrypting the encrypted content key 346 with the service key 375 assigned to the second service 310 on devices of the fifth security class 311 to provide the second content key 321.
  • the content service provider for the first service on the second terminal 363 can search the management message 351 for the encrypted content key 345 by means of the security class identifier 344 associated, for example, with the first service 316 on devices of the sixth security class 317 encrypted content key 345 with the assigned service key 343 assigned to the first service 310 on devices of the sixth security class 311 to decrypt to provide the first content key 301.
  • the content service provider for the second service on the second terminal 364 may search the management message 351 for the encrypted content key 347 by means of the security class identifier 378 assigned to, for example, the second security code 317 for the ninth security class 316, and the encrypted content key 347 Decrypting service key 377 assigned to the second service 310 for ninth security class devices 311 to provide the second content key 321.
  • FIG. 4a shows an assignment of the various terms of content key, service key and management message which transport the content key to the terminal or which transport the service key to the terminal for the two standards OMA and EUROCRYPT. Details have already been explained in the upper part of this application.
  • Fig. 4b shows a block diagram of the key hierarchy of the OMA standard, which can also be applied to other standards.
  • the key hierarchy is structured into four layers 401, 402, 403, 404, which transport the encrypted content 442, the encrypted content key 432, the encrypted service key 422, and the device registration data 403. Further details have already been explained in the upper part of this application.
  • the key hierarchy consists of four layers: a fourth layer (layer 4) 404 for transporting the encrypted content 442, a third layer (layer 3) 403 for transporting the short-term key messages 432, a second layer (layer 2) 402 for transporting the long-term Key messages 422 and a first layer (layer 1) 401 for transporting the registration data 403.
  • layer 4 404 of the encrypted content transport layer for example, according to the OMA standard, as in FIG.
  • the content 440 is supplied to a content encryptor 441, which uses the content 440 to extract the content 440
  • the content 440, 444 may be, for example, a stream of audio or video data or multimedia data conveying voice information or image information or messages.
  • the content 440, 444 may also be objects such as control information of a navigation or driver assistance system or a computing system, or information for which a user is interested. Further, the content 440, 444 may be, for example, a file provided to a user by a service provider.
  • the content key 430 for encrypting the content 440 is created or is present in the third layer 403, the short-term key message layer.
  • the function of the content key encryptor 431 from FIG. 4 b can be assumed by the management message generator 100 in FIG. 5.
  • the latter can use the service key 420 or service class identifier (s) 111, 112 to generate a management message 432 comprising one or more encrypted content keys, depending on how many security class identifiers 111, 112 having been assigned Service keys 420 exist.
  • the management messages 432 include, for example, a plurality of message parts and may correspond to the management messages 105.
  • the management messages 432 reach the content key provider 200 at the receiver side and are decrypted there using the service key 424 assigned to the receiver and the service type 213 assigned to the receiver, thus providing the content key 434.
  • the (optional) second layer 402 includes the long-term key messages 422 and provides the service key 420 or, in the case of multiple security classes, the service keys 420.
  • the service keys 420 are needed for the management message generator 100 to encrypt the content key 430 and generate the management messages 432.
  • the service keys 420 may be encrypted via a service key encrypter 421 using a subkey 402 and transmitted as long term key messages 422 to the recipient.
  • the receiver may decrypt the long-term key messages 422 in the service key decryptor 423 using the subkey 402 and provide the service keys 424 needed for the content key provider 200 to search the management messages 432 for the encrypted content key and provide the content key 434.
  • registration data 403 comprising one or more service types 213 and one or more security class identifiers 111, 112 can be provided.
  • the security class identifiers 111, 112 may be provided to the management message generator 100 so that it may provide an associated encrypted content key from the content key 430 for each security class.
  • the registration data 403 may be in the first layer 401, for example, with a public device key 404 in the Registry encryptors 405 are encrypted and transmitted to the recipient.
  • the subordinate key 402 can be decrypted in the registration file decryptor 406, for example with the aid of the private device key 407 present in the recipient.
  • the service types 213 may be read out and made available to the content key provider 200 so that they can provide a content key 434 corresponding to their service type 213 from the encrypted content keys that may be included in the management messages 432.
  • different content keys 434 can be reconstructed for the different service types 213 from the management messages 432 comprising the encrypted content keys.
  • the assignment of the security class identifiers 112, 111 and the service types 213 is the responsibility of the registration layer 401 in this embodiment.
  • Alternative allocations are also possible, i. H. the security class identifiers 111, 112 may also be created in the management message generator 100, or the service types 213 may be generated in the content key provider 200.
  • it also makes sense, for example, to use an external channel to transmit the security-relevant information.
  • the key hierarchy of the OMA standard has been varied such that the content key encryptor 431 has been replaced by the management message creator 100 and the content key decryptor 433 has been replaced by the content key provider 200.
  • the messages generated by the management message g. 100 generated administrative messages 432 may contain, in addition to the encrypted content key, a countable number of further encrypted content keys compared to the short-term key messages 432 of the OMA standard, for example, for each content key 430 as many encrypted content keys as different security class identifiers 111, 112 exist or are used should.
  • security class identifiers 111, 112 are used should.
  • the security classes 111, 112 and the service types 213 may be provided in the registration layer 401 and may be transmitted via the registration data encryptor 405 within the registration data 403 to the receiver. While in the OMA standard according to the embodiment of FIG. 4b a service key is transmitted to the receiver via the service key encrypter 421, in the embodiment according to the invention a plurality of service keys 420 corresponding to the plurality of security classes can be transmitted even for a single service, which are assigned to the terminals.
  • the management message generator 100 may be configured such that the first message part of the management messages 432 additionally comprises a service type 213 and that the second message part is generated such that the second message part additionally comprises the service type 213.
  • the first and second message parts of the management messages 432 may in one exemplary embodiment be embodied such that the management message has a coding as a function of the security class identifier 111, 112.
  • a coding can be used, depending on the security class identifier 111, 112 the management message 432 assigns a different number of code units, so that message parts of the management messages 432, which are assigned to a higher or higher-grade security class, are mapped by a higher-order code or to a larger number of code units.
  • the management message generator 100 may, for example, allocate greater redundancy to message parts 101, 102 of the management messages 105 corresponding to a higher security class 111, 112, so that the encrypted higher security class content keys 432, 112 will be more immune to interference the transmission are protected.
  • the management message generator 100 is configured to encrypt the content key 430 with a symmetric cryptographic key using an AES block encryption algorithm or a DES block encryption algorithm.
  • a symmetric cryptographic key refers to an encryption method in which both the sender and the recipient are assigned the same key. Or in which their keys are different but can be derived from each other by means of a known relationship.
  • Block encryption algorithms for example, use a block of plain text and a key, and generate a block of encrypted text of the same length. Since messages are usually longer than a single block, a method is needed to tie together successive blocks.
  • Various methods have been developed in this regard, some with higher Sure ⁇ integrated in one aspect, others with greater safety in another aspect.
  • the keys themselves are encrypted.
  • the service keys may be encrypted by the AES 256 method and the content keys by the AES 128 method.
  • the ECB mode also referred to as the "Electronic Code Book” mode, may be employed as described in the aforementioned NIST Standard.
  • the management messages 432 and the long-term key messages 422 are authenticated with an electronic signature or authentication according to a MAC method, also known as "message authentication code” or “method.”
  • the sender attaches an authentication code to each message
  • the management messages 432 or the long-term key messages 422 may be authenticated according to an OMAC method, ie, a one-key message authentication code method become.
  • OMAC procedure is described in the NIST standardization.
  • a message authentication code can be used in which a plurality of parameters are transmitted by means of Huffman coding.
  • the management messages 432 may also include a timestamp to facilitate reconstruction at the receiver.
  • each device may be assigned at least one security class.
  • security class 1 is a total of nine security classes shown, which can be extended to any integer number of security classes. Alternatively, fewer security classes can be used.
  • security class 1 only has devices which use a crypto-smartcard or an intelligent encryption card or SC card for secure storage of all keys and security-relevant parameters.
  • the crypto-smartcard interprets and processes all administrative messages, no key leaves the crypto-smartcard and also the content is decrypted only in the crypto-smartcard.
  • security class 2 is associated with devices that use a crypto-smartcard to securely store all keys and security-related parameters, interpret and process all management messages with the crypto-smartcard, and leave only the short-lived content key the crypto-smartcard. The decryption of the content happens in the terminal.
  • Security class 3 is, for example, a crypto-smartcard or another external security device, eg.
  • a security card for digital media also referred to as an SD card, is assigned when both devices are used for the secure storage of the keys and the security-relevant parameters and the interpretation and processing of all administrative messages and the decryption of the content in the terminal are done.
  • safety class 4 for example, an OEM device or a device from a third-party manufacturer may be classified, which permanently installed in the vehicle and therefore can be very difficult to access. The use of in-vehicle safety components is effected with this device.
  • a portable terminal may be classified, which has an integrated built-in processor chip, all exclusively digital rights management and conditional access system-related tasks.
  • the chip or processor can be protected against special hardware-based attacks.
  • a portable terminal may be classified, which has an integrated built-in processor chip, which exclusively handles all digital rights management and access authorization-related tasks, where the chip may be a standard chip, which is not against special hardware protected attacks.
  • a portable terminal may be classified, which has a designated as "WinCE" operating system manufacturer Microsoft and contains no additional hardware-based security modules.
  • a PC-based terminal that uses a method called "obfuscation" can be classified in the security ski 8.
  • safety class 9 for example, a proprietary device of a manufacturer "XY” can be classified, which does not disclose implementation details.
  • security classes may follow, to which devices can be assigned.
  • devices can be assigned.
  • security classes may follow, to which devices can be assigned.
  • a different assignment of security classes to device types is possible.
  • FIG. 7 shows an exemplary embodiment, which parts may comprise the management messages 105 according to the invention from FIG. 1, comprising a first message part 101 and a second message part 102.
  • the management messages 105 may After the first set ⁇ part 101 corresponding to a first message field 700 and comprise the second message part 102 according to a second message field 701. This is indicated by the management message 700 transporting the content key 106 addressed for type 1 terminals and the parallel management message 701 carrying the identical content key 106 but addressed to type 5 terminals in the upper part of FIG Figure 7 illustrates.
  • a management message 702 is shown carrying the content key 106 addressed for Type 1 and Type 5 terminals.
  • the first message part comprises a security class identifier 711 and a content key 710 encrypted with the first service key.
  • the second message part, designated 701 in this example comprises a security class identifier 713 and a content key 712 encrypted with the fifth (generally another) service key.
  • the first message part 700 is generated, for example, for terminals of the first security class, while the second message part 701 for terminal with the fifth security class (generally: a further safety class) is generated.
  • the first message part 700 may further include a service identifier 714 and the second message part 701 may include the same service identifier 714, for example, if both message parts 700 and 701 carry encrypted content keys of the same service. Furthermore, the first message part 700 and the second message part 701 may include a field for further parameters 715 and 716, respectively.
  • the coding of the first message part 700 or of the second message part 701 may depend on the security class, ie a higher-value code or a greater redundancy can be used, for example, for higher-value security classes.
  • the management message 105 may also contain only a part that includes a security class identifier 711 for the first security class, a content key 710 encrypted with the service key of the first security class, and a security class identifier of the fifth security class 713 (in general: another security class). and a content key 712 encrypted with the service key of the fifth security class (generally: another security class).
  • the management message, designated 702 in this example may also include the service identifier 714.
  • the management message 702 may further include parameters associated with the first security class 715 and parameters associated with the fifth security class 716.
  • the portions of the management message 702 associated with the first security class may be encoded depending on the first security class, while the portions of the management message 702 associated with the fifth security class may be encoded depending on the fifth security class.
  • the encryption of the content key and the message design for two security classes is shown by way of example, namely with the first security class and the fifth security class.
  • further message parts are generated.
  • the same number of message parts can be generated that contain an encrypted content key
  • the management message 702 may include all encrypted content keys 710, 712 encrypted with service keys of the existing security classes 711, 713, but individual message portions may also be aggregated and transmitted into one, two, or more management messages 702.
  • the first message part 700 or the second message part 701 may, for example, be composed of a necessary part and an optional part.
  • the necessary part may then comprise, for example, the content key 710 or 712 encrypted with the service key, while the optional part may comprise the security class identifier of the first security class 711 or the fifth security class 713.
  • existing terminals that have not been or can not be assigned a security class may then only receive the necessary portion of the management messages that includes the content key 710, 712 encrypted with the service key.
  • a zeroth device class may be defined, for example, denoted by "0", which automatically includes all the terminals, which will be referred to as the base class below:
  • Service providers for example, who do not want to support the concept presented and the associated additional management messages
  • system 800 shows a block diagram of an exemplary embodiment of a system 800 for the secure distribution of information between a service provider 801 and a service user 802.
  • the service provider 801 for example, provides a service that the service user 802 can use.
  • the system 800 comprises a content and management message generator 803, a transmission device 804 and a content preparation and further processing device 805.
  • system 800 may also (optionally) include the lower layers, i. H. the second layer 402 and the first layer 401 include.
  • the content and management message generator 803 may generate an encrypted content 442 from the content 440 using the content encrypter 441.
  • the content encrypter 441 encrypts the content 440 with the content key 430.
  • the content key 430 may be included in the management message generator 100 with a content key 430
  • Service keys 420 of the associated security class identifier 111, 112 are encrypted and generate from the encrypted content keys and associated security class identifiers 111, 112 a management message 432, which together with the encrypted content 442 can be transmitted via the transmission device 804 to the recipient.
  • the encrypted content 442 may be supplied to the content provider 443 and the management message 432 may be supplied to the content key provider 200.
  • the content key provider 200 may determine the content key 434 from the management message 432 by means of the service key 424 assigned to the corresponding terminal and the security class assigned to the service type 213 on the terminal and supply it to the content provider 443 to decrypt the encrypted content 442 and decrypt the encrypted content 442 Content 440 to be reconstructed.
  • the content 440 may be supplied to a content providing and further processing device 805 of a further processing device 808. Further processing of the content 440 may include, for example, an evaluation of the data, a transfer to another device or a reproduction of the content 440.
  • the further processing device 808 may, for example, comprise a decoder for audio codes or be an audio player or comprise a decoder for video codes or be a video player.
  • the further processing device 808 may, for example, also be a navigation device, or a mobile telephone or a personal digital assistant device or a cable receiver for digital multimedia reception or a satellite receiver for digital multimedia reception or a communication system for Internet protocols or a driver assistance system or a personal computer, or a part thereof Facility.
  • the content 440 can thus be provided to an electronic content receiver.
  • the system 800 for securely distributing information between a service provider 801 and a service user 802 may include a subsystem 806 configured to encrypt a content key.
  • this subsystem 806 for encrypted transmission of a content key comprises a management message generator 100, a management message transmission device 807 and a content key provider 200.
  • a content key 430 can be supplied to the encrypted content key transmission system 806 and one or more service keys 420 and associated security classes. dentifier 111, 112. From these inputs, the management message generator 100 may generate a management message 432 which may be transmitted to the recipient by the management message transmitter 807.
  • the receiver may comprise the content key provider 200, which searches the management message 432 for the corresponding encrypted content key by means of a service key 424 or service key 424 assigned to the service keys 424 and a service type 213 or service types 213 assigned to the service keys 424 and provides the content key 434 therefrom ,
  • the encrypted content key transfer system 806 may be a subsystem of the secure information distribution system 800 between a service provider 801 and a service user 802.
  • the system 806 may include transmitting an encrypted content key from a management message producer 100 implemented in the sender to a content key provider 200 implemented in the receiver.
  • the system 800 may securely distribute the content 440 of a service provisioner 801 service, along with the associated content key 430, to a service user 802, where secured here means that a class of terminals can be assigned a security class and that for each class of terminals with their own security class a separate encrypted content key can be transmitted in the management message 432.
  • each service type 213 on a terminal can be assigned its own security class.
  • the system 800 may be designed, for example, according to one of the standards OMA, ISMA or EUROCRYPT; The same applies to the second system 806.
  • the transmission device 804 or the administration message transmission device 807 may be a digital or analogue broadcasting system (eg a digital audio broadcasting system or a digital video broadcasting system) or a mobile radio communication system or a satellite navigation system or an internet protocol system. Transmission of the data may be by cable or by radio or by satellite or optically or in any other way.
  • the management message creator 100 of the content key providers 200, the content encryptors 441, and the content providers 443 may be constructed in digital or analog logic, such as electronic or photonic circuitry.
  • the method according to the invention can be implemented in hardware or in software.
  • the implementation can be carried out on a digital storage medium, in particular a floppy disk or a CD with electronically readable control signals, which can interact with a programmable computer system in such a way that the corresponding method is carried out.
  • the invention thus also consists in a computer program product stored on a machine-readable carrier, the program code for carrying out the procedural ⁇ proceedings according to the invention, when the computer program product on a computer expires.
  • the invention can thus be realized as a computer program with a program code for carrying out the method when the computer program runs on a computer.
  • the management message generator 100 can be implemented as a method (for example for execution on a digital processor), likewise the content key provider 200 can be implemented as a method (for example for execution on a digital processor), as well as the content and content Management message generator 803 or the content providing and processing device 805.
  • B2B service there are proprietary services that target only devices of a particular security class, such as a service of type 9, or security class 9, referred to as a "B2B service.”
  • the administrative information that transmits the content key can only have one security class; Once the content key is included, no parallel management information needs to be transmitted for different security classes.
  • a device class or security class can be defined, eg. It can be referred to below as a base class Service providers, also called “service providers”, who do not want to support the concept presented and the associated additional management messages, can use their services via the Handle base class.
  • the concept presented here for the introduction of safety classes for devices and using different service key for an identical service refers to digital rights management systems and • access systems (DRM and CA systems) and supports Dissemination of DRM and CA systems based on open standards.
  • DRM and CA systems digital rights management systems and • access systems
  • Different terminal implementations and terminal platforms from different manufacturers lead to a colorful terminal landscape.
  • the assignment of the terminals to rudimentary security classes and the use of different service keys per security class for an identical service result in encapsulation. This prevents the analysis of simple low-security devices from affecting the overall system.
  • a service provider wants to distribute a service with low security requirements, it can choose the base class to which all terminals are automatically assigned.
  • secure distribution of analog or digital content e.g. Audio content, video content, or data content
  • a variety of media e.g. a terrestrial broadcasting system, a satellite broadcasting system, an Internet broadcasting system (e.g., by providing content streams)
  • a variety of media e.g. a terrestrial broadcasting system, a satellite broadcasting system, an Internet broadcasting system (e.g., by providing content streams)
  • Vulnerability of the secure or encrypted transmission with respect to potential cryptographic attacks is significantly reduced in some systems.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Multimedia (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Databases & Information Systems (AREA)
  • Computing Systems (AREA)
  • Technology Law (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

Un concept pour la distribution sécurisée d'informations comprend un générateur de messages de gestion générant au moins deux parties de message qui portent des informations pour le décodage d'un contenu dans des terminaux de classes différentes, par exemple de classes de sécurité différentes, ainsi qu'un fournisseur de clé de contenu qui fournit une clé de contenu pour le décodage d'un contenu de données sur la base d'un message de gestion comprenant une pluralité de clés de contenu codées, les clés de contenu codées étant affectées à différentes classes, par exemple à différentes classes de sécurité.
PCT/EP2009/002735 2008-04-25 2009-04-14 Concept pour la distribution sécurisée d'informations WO2009129951A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE102008020825A DE102008020825B4 (de) 2008-04-25 2008-04-25 Konzept zur gesicherten Verteilung von Informationen
DE102008020825.6 2008-04-25

Publications (1)

Publication Number Publication Date
WO2009129951A1 true WO2009129951A1 (fr) 2009-10-29

Family

ID=41066316

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2009/002735 WO2009129951A1 (fr) 2008-04-25 2009-04-14 Concept pour la distribution sécurisée d'informations

Country Status (2)

Country Link
DE (1) DE102008020825B4 (fr)
WO (1) WO2009129951A1 (fr)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0822719A2 (fr) * 1996-07-30 1998-02-04 Deutsche Telekom AG Méthodes et arrangements pour empêcher l'utilisation non-autorisée de réseaux de distribution
EP1427210A1 (fr) * 2002-12-04 2004-06-09 Irdeto Access B.V. Terminal, système de distribution de données comprenant un tel terminal, procédé pour re-transmettre des données
US20040151315A1 (en) * 2002-11-06 2004-08-05 Kim Hee Jean Streaming media security system and method

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2007511946A (ja) * 2003-11-11 2007-05-10 ノキア コーポレイション 放送ディジタルコンテンツの限定受信制御のためにdrmを用いるためのシステム及び方法

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0822719A2 (fr) * 1996-07-30 1998-02-04 Deutsche Telekom AG Méthodes et arrangements pour empêcher l'utilisation non-autorisée de réseaux de distribution
US20040151315A1 (en) * 2002-11-06 2004-08-05 Kim Hee Jean Streaming media security system and method
EP1427210A1 (fr) * 2002-12-04 2004-06-09 Irdeto Access B.V. Terminal, système de distribution de données comprenant un tel terminal, procédé pour re-transmettre des données

Also Published As

Publication number Publication date
DE102008020825A1 (de) 2009-11-12
DE102008020825B4 (de) 2010-01-14

Similar Documents

Publication Publication Date Title
DE69925466T2 (de) Streaming-media-abspielgerät mit fortdauernde kontrolle und schutz von medieninhalt
US10999631B2 (en) Managed content distribution systems and methods
DE102008020832B3 (de) Konzept zur effizienten Verteilung einer Zugangsberechtigungsinformation
DE60214799T2 (de) System zur Sicherung eines Systems zur Erneuerung einer Verschlüsselung und zur Erfassung und Fernaktivierung eines Verschlüsselungsgerätes
DE60214836T2 (de) Verfahren und netzwerk zum abliefern von streaming-daten
DE60306210T2 (de) System und verfahren zur lokalen gemeinsamen nutzung von multimedia-inhalten
DE19906449C1 (de) Verfahren und Vorrichtung zum Erzeugen eines verschlüsselten Nutzdatenstroms und Verfahren und Vorrichtung zum Abspielen eines verschlüsselten Nutzdatenstroms
DE60307736T2 (de) Serverarchitektur für sichere Plug-ins in digitalen Rechteverwaltungsssystemen
EP1133849B1 (fr) Procede et dispositif pour la generation d'un flux de donnees utiles chiffre et procede et dispositif pour le dechiffrement d'un flux de donnees utiles chiffre
EP2067339B1 (fr) Dispositif et procédé de distribution sécurisée des contenus dans un réseau de télécommunication
DE602004011282T2 (de) Versenden einer Herausgeber-Benutzungslizenz off-line in einem digitalen Rechtesystem
DE69723650T2 (de) Verfahren zur Beglaubigung von Daten mittels Verschlüsselung und System zur Beglaubigung unter Verwendung eines solchen Verfahrens
EP1151561B1 (fr) Procede et dispositif pour la generation d'un flux de donnees et procede et dispositif pour la lecture d'un flux de donnees
DE602004005219T2 (de) Verfahren und einrichtung zur sicherung der inhaltsablieferung über ein kommunikationsnetz über inhaltsschlüssel
EP2146285A1 (fr) Procédé de fonctionnement d'un système d'accès conditionnel, destiné aux réseaux informatiques, et système de sa mise en oeuvre
DE102005039361B4 (de) Verfahren und Vorrichtung zur Multicast-Übertragung von Programminformationen
JP2008512924A (ja) 限定受信を提供する方法
JP5161372B2 (ja) 管理センターによって放送番組に対して受信規則を施行する方法
DE102005040333A1 (de) Verfahren und Vorrichtung zur Erzeugung eines Inhaltdekodierungsschlüssels
DE102008020825B4 (de) Konzept zur gesicherten Verteilung von Informationen
DE102007016117A1 (de) Verfahren und System zum Bereitstellen eines REL-Tokens
WO2011080079A1 (fr) Procédé et système de fourniture d'objets de données à protection erdm
DE112007000419B4 (de) Digitale-Rechte-Managementsystem mit diversifiziertem Inhaltsschutzprozess
US20100146297A1 (en) Method and system digital for processing digital content according to a workflow
EP1329050A2 (fr) Module pour la transmission securisee de donnees

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09734432

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 09734432

Country of ref document: EP

Kind code of ref document: A1