Classifications

• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
  • H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
  • H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
  • H04N21/25—Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
  • H04N21/266—Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
  • H04N7/00—Television systems
  • H04N7/16—Analogue secrecy systems; Analogue subscription systems
  • H04N7/162—Authorising the user terminal, e.g. by paying; Registering the use of a subscription channel, e.g. billing
  • H04N7/165—Centralised control of user terminal ; Registering at central
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
  • H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
  • H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
  • H04N21/23—Processing of content or additional data; Elementary server operations; Server middleware
  • H04N21/234—Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs
  • H04N21/2347—Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs involving video stream encryption
  • H04N21/23476—Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs involving video stream encryption by partially encrypting, e.g. encrypting the ending portion of a movie
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
  • H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
  • H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
  • H04N21/43—Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
  • H04N21/44—Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs
  • H04N21/4405—Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs involving video stream decryption
  • H04N21/44055—Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs involving video stream decryption by partially decrypting, e.g. decrypting a video stream that has been partially encrypted
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
  • H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
  • H04N21/60—Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client 
  • H04N21/65—Transmission of management data between client and server
  • H04N21/654—Transmission by server directed to the client
  • H04N21/6543—Transmission by server directed to the client for forcing some client operations, e.g. recording
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
  • H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
  • H04N21/80—Generation or processing of content or additional data by content creator independently of the distribution process; Content per se
  • H04N21/83—Generation or processing of protective or descriptive data associated with content; Content structuring
  • H04N21/835—Generation of protective data, e.g. certificates
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
  • H04N7/00—Television systems
  • H04N7/16—Analogue secrecy systems; Analogue subscription systems
  • H04N7/167—Systems rendering the television signal unintelligible and subsequently intelligible
  • H04N7/1675—Providing digital key or authorisation information for generation or regeneration of the scrambling sequence

Definitions

• the invention lies in the field of the fight against piracy of digital data distributed in an entangled form by an operator to users with access rights. More specifically, the invention relates to a method of transmitting to a receiving equipment a message containing a description of an action to be performed in said equipment at a time chosen by the operator. STATE OF THE PRIOR ART
• ECM Entitlement Control Message
• CW for Control Word
• EMM Entitlement Management Message
• the ECMs are transmitted with the scrambled data whereas the EMMs are generally transmitted before the distribution of these data to the users in order to allow the registration of the access titles and the secret key in the security processor. It has been found that registering the secret key in the security processor a certain time before the transmission of the scrambled data could allow the possible hackers to find this key and fraudulently decipher the control word CW.
• the document FR 2 835 670 of 08/08/2003 describes a method of late disclosure of the same information Kc necessary for descrambling the data transmitted to a group of receivers each having an individual information SAi.
• This method is based on a prior calculation of the information Kc as a function of the individual information SAi, a first parameter K common to all the receivers and a second parameter bi specific to each receiver.
• the second parameter bi is transmitted to the receivers before the information Kc is required to descramble the data while the information K is transmitted only when Kc must be used to descramble the data.
• a disadvantage of this solution comes from the fact that it requires a pre-calculation of the information Kc from pre-loaded elements and a re-calculation of the data to be revealed by the receivers. Therefore, the implementation of this method requires the presence in each receiving equipment of a specific calculation software.
• the object of the invention is to overcome the disadvantages of the prior art described above by a simple method in which the late disclosure of relevant information is the result of conventional processing carried out in the receiving terminals. Another object of the invention is to allow the operator to remotely control the execution of this treatment.
• the invention recommends a method for executing an action in a receiving equipment in an unpredictable manner for potential fraudsters at an instant chosen by the operator.
• the action to be executed may be, for example, an inscription of secret information in a security processor, the deletion of this information, or its update.
• the invention proposes a method of transmitting to a receiving device a message containing a description of the action to be executed comprising the following steps: a - generating said message as a function of the action to be executed, b - encrypting totally or partially said message by a secret parameter, c - transmit to said equipment the encrypted message, d - store the encrypted message in the receiving equipment, and e - at the moment chosen by the operator, transmit to the receiving equipment a description for obtaining said secret parameter, and upon receipt, deciphering the encrypted message stored in the receiving equipment by means of said secret parameter, processing said message to perform said action.
• the moment chosen by the operator is deferred with respect to step c).
• the instant of obtaining said secret parameter by the receiving equipment determines the time of execution of the action envisaged.
• this secret parameter is a random variable transmitted to the receiving equipment in an EMM message or in an ECM message.
• the generation of said secret parameter takes into account data characterizing the current-state of the receiving equipment, these data being able to be: a constant specific to this equipment such as for example its address, or
• the description of said secret parameter is transmitted to the receiving equipment in an ECM message or an EMM message.
• the equipment obtains the value of the secret parameter by interpreting this description.
• the action to be executed is a registration of a secret key in a smart card associated with the receiving equipment, in a first embodiment, this registration can only be performed by a card referenced in the transmitted message. .
• the registration can be carried out only by a card containing a digital datum calculated from the access titles which the user has officially.
• the message containing the description of the action to be executed has a structure of an EMM message.
• said message is transmitted to the receiving equipment as encrypted general data in one or more messages
• a transport EMM comprising a block of bits enabling the receiving equipment to reconstruct the message containing the description of the action to be performed before the decryption of said message.
• the method according to the invention is implemented in a receiver terminal comprising: means for storing a message containing a description of an action to be executed by said terminal, said message being previously transmitted to the terminal in encrypted form by a secret parameter,
• means for decrypting said message by the secret parameter at a deferred instant with respect to the reception of said message means for processing said decrypted message to perform the action in the receiving terminal.
• the terminal is a decoder equipped with a security processor constituted by a smart card.
• the terminal is a computer connected to a scrambled data server and comprising a conditional access module.
• This conditional access module executes a computer program comprising: instructions for storing a message encrypted by a secret parameter containing a description of an action to be executed, instructions for decrypting said message by means of said secret parameter at a deferred instant with respect to receiving said message,
• FIG. 1 schematically illustrates the structure of a message conveying a secret decryption key
• FIG. 2 diagrammatically illustrates the structure of a message to write the message of FIG. 1 in a security processor
• FIG. 3 schematically illustrates the two-part structure of a message for writing the message of FIG. 1,
• FIG. 4 schematically illustrates the structure of an ECM message with disclosure of a secret decryption key.
• the following description relates to the application of the method according to the invention in a system for transmitting audiovisual programs scrambled by a control word CW to a fleet of receiving equipment, the control word CW being previously encrypted by a secret key K .
• This system comprises a central site arranged in an operator comprising: means for generating a message containing a description of an action to be performed in one or more receiving equipment of said park,
• Each receiving equipment includes:
• a non-volatile memory for storing the encrypted message, means for decrypting the encrypted message stored in said non-volatile memory by means of said secret parameter obtained at time T2, and means for processing said message to perform said action.
• the selected instant T2 is deferred with respect to the instant T1.
• the receiving equipments are decoders each provided with a security processor, and the action to be executed consists in registering the secret key necessary to decipher the word of CW control in the security processor. Structure of a. Confidential EMM carrying the key K
• FIG. 1 schematically illustrates the structure of a confidential EMM message 2 carrying the key K to a security processor associated with a decoder.
• This message has the following functional parameters:
• This field contains the address of the security processor for which the EMM message is intended. Note that this message can be sent to a decoder of the park, to several decoders of this park or to all the decoders of said park. Some parts of the address can be made confidential by specific encryption.
• EMM_SOID 6 this field relates to the identification of the cryptographic context applied to the EMM message 2.
• the parameter EMM_SOID specifies the key system implemented in the cryptography applied to the EMM message 2, in particular the reference of the decryption key of the encryption key. the key K transported.
• this field contains a parameter relating to the identification of the cryptographic context to which is intended the key K transported. This parameter specifies in particular the reference under which this key K will be known in this context.
• this field contains the cryptogram of the transported key K. The latter depends on the cryptographic context of the EMM message 2 indicated by the parameter EMM_S0ID 6.
• this optional field is relative to the version number of the key K transported.
• the version number of the transported key K will be associated with the value of the key when it is registered in the security processor.
• this parameter may specify the reference of the data area in which the version number is to be stored. This parameter also specifies that the data area is either erased and then written or replaced.
• this parameter identifies a FAC data block as specified in UTE C90- 007 and in which the version number will be stored.
• - EMM_CONF 16 this field is optional and relates to the setting of the confidentiality applied to the parameters K_SOID 10, K_KEY 12 and K_VERSION 14. These are encrypted during the transport of the EMM 2, independently of the fact that the parameter EMM_C0NF 16 is present or absent, and are then decrypted by the security processor, when processing the EMM message 2 to remove the confidentiality.
• parameter EMM_C0NF 16 When parameter EMM_C0NF 16 is present, it allows the security processor to suppress the confidentiality and to completely process the message to obtain the key K. In this case, the key K is not late revelation.
• a revelation parameter K_REVEAL is transmitted by the operator to the security processor in an ECM message and is associated with the message EMM 2 to cancel the confidentiality and obtain the key K.
• This parameter K_REVEAL makes it possible to reconstitute the privacy setting. In this case, as long as this parameter K_REVEAL is not known, the decoder will not be able to obtain the key K. It is then useful to transmit by ECM the revelation parameter K_REVEAL just at the moment when the security processor needs the key. key K. For this purpose, the EMM message is stored in the security processor until K_REVEAL is received.
• EMM_REDUND 18 this field contains a cryptographic redundancy information of the EMM 2 message carrying the key K.
• the functional parameters above are combined by TLV (Type Length Value) structure. These parameters can be in an order depending on the implementation chosen. Transmission (J 7 A confidential EMM containing a K key
• the EMM message 2 containing the key K must be stored in the security processor until the latter receives the revelation parameter KJREVEAL which will allow it to process this EMM message 2.
• a first solution is to store the message to be processed in a particular area of the terminal as the security processor does not yet have all the information to process this message.
• a second solution is to store the message to be processed in a particular area of the removable security processor of the receiving equipment, in this case the EMM message is stored in the security processor so as to obtain the key K, even if the security processor is associated with another terminal.
• the EMM message 2 containing the key K is transmitted to the decoder as general data in one or more transport EMM messages.
• An example of such data is a FAC data block as specified in UTE C90-007.
• the EMM 2 is transported in a single transport EMM message.
• the EMM 2 is transported in several transport EMM messages.
• FIG. 2 schematically illustrates the structure of an EMM transport message 20.
• the latter comprises the following functional parameters:
• FAC_ADDRESS 22 This parameter represents the address of the security processor for which the transport EMM message 20 is intended. This message may be intended for a security processor, for several security processors of a group, or for all FR2005 / 050513
• Some parts of the address can be made confidential by specific encryption.
• FAC_SOID 24 this parameter relates to the identification of the cryptographic context applied to the transport EMM message 20 and specifies in particular the system of keys implemented in the cryptography applied to this message.
• this parameter is the EMM message 2 illustrated in FIG. 1 as a general data of the transport EMM message 20. Note that in the present case the EMM message 2 does not include an EMM_CONF parameter 16.
• this parameter contains data intended to facilitate the delayed processing of the K_EMM message 26, such as a reference of the context reference to which the key K is intended, or of the version of the key K.
• This parameter represents a reference of the data area in which the parameters K_EMM 26 and K_AUX 28 must be stored. This reference may be absolute in the memory space of the security processor or relative to the FAC_SOID cryptographic context 24. Note that the FAC_REF parameter 30 may also specify that the data area is either erased then written, or replaced.
• the parameters K_EMM 26 and K_AUX 28 which constitute the data to be entered in the data area may be syntactically included in the parameter FAC-RE 1 F 30. FR2005 / 050513
• the EMM 2 containing the key K is split into two parts transported independently of one another respectively in a first EMMa transport message 40 and in a second EMMb transport message 70. parts are then stored separately from one another in the security processor.
• This embodiment is adapted to the case where the size of a data storage block or that of an EMM is limited.
• FIG. 3 diagrammatically illustrates the structure of the message EMMa 40 and that of the message EMMb 70.
• the message EMMa 40 carries at least the parameter ADDRESS 4 and the parameter EMM_SOID 6 of the EMM 2.
• the message EMMb 70 carries the parameters K_SOID 10, K_KEY 12, K_VERSION 14 and EMM_REDUND 18 of this EMM 2. Note that in this case the EMM message 2 does not include an EMM_CONF parameter 16.
• the first transport EMMa message 40 contains the following functional parameters:
• FAC_ADDRESS 42 this parameter represents the address of the security processor to which the EMMa transport message 40 is addressed. This message may be intended for a security processor, for several security processors of the same group of security processors, to all security processors in this group. Some parts of the address can be made confidential by specific encryption. T / FR2005 / 050513
• FAC_SOID 44 this parameter concerns the identification of the cryptographic context applied to the EMMa transport message 40 and specifies in particular the key system implemented in the cryptography applied to this message.
• the ADDRESS 4 and EMM_SOID 6 parameters are identical to those of the EMM 2 of FIG.
• K_AUX 52 this parameter contains data intended to facilitate the reconstitution or deferred processing of the EMM 2, such as a reminder of the version of the key K. This parameter K_AUX 52 depends on the implementation.
• This parameter represents a reference of the data area in which the parameters ADDRESS 4, EMM_SOID 6, K_AUX 52 must be memorized. This reference can be absolute in the memory space of the security processor or relative to the cryptographic context FAC_SOID 44.
• FAC_REF_1 parameter 60 can also specify that the data area is either erased and then written or replaced.
• the parameters ADDRESS 4, EMM_SOID 6 and K_AUX 52 which constitute the data to be entered in the data zone can be syntactically included in the parameter FAC_REF_1 60,
• FAC_REDUND_1 62 represents the cryptographic redundancy of the EMMa transport message 40.
• the second transport message EMMb 70 contains the following functional parameters: - FAC_ADDRESS 64: This parameter represents the address of the security processor. It is identical to the FAC_ADDRESS parameter 42 of the EMMa transport message 40.
• FAC_S0ID 66 relates to the identification of the cryptographic context applied to the EMMb transport message 70. It is identical to the FAC_SOID parameter 44 of the EMMa transport message 40.
• this parameter represents a reference of the data zone in which the parameters K_SOID 10, K_KEY 12, K_VERSI0N 14 and EMM_REDUND 18 must be memorized. This reference can be absolute in the memory space of the security processor or relative to the cryptographic context FAC_SOID 66.
• parameter FAC_REF_2 78 can also specify that the data area is either erased then written, or replaced and that the data to be written in the data area can be syntactically included in the parameter FAC_REF_2 78.
• - FAC_REDUND_2 80 represents a cryptographic redundancy of the transport message EMMb 70. In all modes of transport of the message
• EMM 2 a preferred implementation of the functional parameters above is the combination of these parameters by TLV structure (Type Length Value). These parameters can be in an order depending on the implementation chosen. Structure of an ECM with disclosure of the decryption key
• FIG. 4 schematically illustrates an ECM message 90 carrying control words to be deciphered by a late-revealing key K.
• This message has the following functional parameters:
• ECM_SOID 92 this parameter represents an identification of the cryptographic context applied to the ECM message 90. This parameter specifies the key system implemented in the cryptography applied to this message, and in particular the reference of the decryption key K of the control words .
• This parameter represents a list of the conditions of access to the scrambled data.
• this parameter represents a cryptogram of the CW control word transported in the ECM message 90.
• - ECM_REDUND 98 this parameter represents a cryptographic redundancy of the ECM message 90 relating to the fields ACCESS_CRITERIA 94 and CW * 96.
• this optional parameter represents auxiliary data characterizing the coding of the ECM message 90.
• - K_REVEAL 102 revealing parameter of the decryption key K. This parameter makes it possible to reconstitute the parameter EMM__CONF 16 for checking the confidentiality of the message EMM 2 carrying the key K.
• - ECM_K_VERSION 104 this optional parameter represents a version of the key decryption K. In a preferred implementation of the method, these functional parameters are combined by structure
• T L V Type Length Value
• the parameter K_REVEAL 102 and optionally ECM_K_VERSION 104 are present when the decryption key K is late revelation.
• the parameter K_REVEAL 102 is extracted from the ECM to decipher I 1 EMM 2 carrying the key K.
• K is reconstituted by the security processor and then decrypted with the K_REVEAL parameter 102 to remove its confidentiality.
• the EMM 2 thus decrypted is then processed to decrypt the key K.
• the decryption key K thus obtained is not stored in the security processor after its revelation. It is revealed at each ECM to decipher the control words.
• the EMM 2 does not contain a parameter K_VERSION 14 and the ECM 90 does not contain a functional parameter ECM_K__VERSION 104.
• the decryption key K obtained is stored in the security processor after its first revelation with its version number K_VERSION 14 provided by the EMM 2.
• the ECM 90 includes the additional parameter ECM_K_VERSION 104 identifying the version of the current decryption key K.
• the security processor does not proceed to its revelation. If the ECM 90 references a version of the decryption key K different from the version already stored, the security processor proceeds to a new revelation of the decryption key K and stores its new value and its new version number. The revelation is also performed when the key K does not exist in the terminal part, either it has not been stored yet, or it has been deleted.
• the decryption key K may be stored in the security processor for a limited period, for example by a number of decryptions of control words made with this key K. At the end of such a period the K key is automatically deleted.
• the definition of the limit of such a period can be a constant of the security processor or be performed by a specific piece of data transmitted by EMM to the security processor.

Landscapes

• Engineering & Computer Science (AREA)
• Multimedia (AREA)
• Signal Processing (AREA)
• Computer Security & Cryptography (AREA)
• Databases & Information Systems (AREA)
• Storage Device Security (AREA)
• Communication Control (AREA)

Applications Claiming Priority (2)

Publications (1)

Family

ID=34946066

Family Applications (1)

Country Status (7)

Families Citing this family (2)

Family Cites Families (16)

• 2004
  • 2004-07-01 FR FR0451391A patent/FR2872651B1/fr not_active Expired - Lifetime
• 2005
  • 2005-06-29 WO PCT/FR2005/050513 patent/WO2006095062A1/fr not_active Ceased
  • 2005-06-29 CN CN2005800226079A patent/CN1981528B/zh not_active Expired - Fee Related
  • 2005-06-29 EP EP05857324A patent/EP1762097A1/de not_active Withdrawn
  • 2005-06-29 US US11/570,782 patent/US20080276083A1/en not_active Abandoned
  • 2005-06-30 TW TW094122100A patent/TWI388181B/zh not_active IP Right Cessation
• 2006
  • 2006-12-29 KR KR1020067027974A patent/KR101270086B1/ko not_active Expired - Fee Related

Non-Patent Citations (1)

Also Published As

Similar Documents

Legal Events