Conditional access system

US 20020044658A1
Filed: 06/14/2001
Published: 04/18/2002
Est. Priority Date: 04/03/1995
Status: Active Grant

First Claim

Patent Images

1. A method of decrypting an encrypted instance of service, the method being carried out in a receiver that has a public key-private key pair, and the method comprising the steps of:

receiving in the receiver a management message having an encrypted multi-session key, wherein the encrypted multi-session key was encrypted by the public key of the receiver;

decrypting the encrypted multi-session key with the private key of the receiver;

storing the multi-session key in a memory of the receiver;

receiving in the receiver a control message together with a service message, the service message having an encrypted portion of the instance of service, the control message including a decryptor;

implementing the decryptor of the service message with the multi-session key to produce a session key; and

decrypting the encrypted portion of the instance of service of the service message using the session key.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A cable television system provides conditional access to services. The cable television system includes a headend from which service “instances”, or programs, are broadcast and a plurality of set top units for receiving the instances and selectively decrypting the instances for display to system subscribers. The service instances are encrypted using public and/or private keys provided by service providers or central authorization agents. Keys used by the set tops for selective decryption may also be public or private in nature, and such keys may be reassigned at different times to provide a cable television system in which piracy concerns are minimized.

274 Citations

46 Claims

1. A method of decrypting an encrypted instance of service, the method being carried out in a receiver that has a public key-private key pair, and the method comprising the steps of:
- receiving in the receiver a management message having an encrypted multi-session key, wherein the encrypted multi-session key was encrypted by the public key of the receiver;
  
  decrypting the encrypted multi-session key with the private key of the receiver;
  
  storing the multi-session key in a memory of the receiver;
  
  receiving in the receiver a control message together with a service message, the service message having an encrypted portion of the instance of service, the control message including a decryptor;
  
  implementing the decryptor of the service message with the multi-session key to produce a session key; and
  
  decrypting the encrypted portion of the instance of service of the service message using the session key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46)
- - 2. The method of claim 1, wherein the memory having the multi-session key stored therein is included in a secure element of the receiver, wherein the memory of the secure element is not accessible to elements outside of the secure element, and wherein the step of decrypting the encrypted multi-session key and the step of implementing the decryptor of the service message with the multi-session key are performed in the secure element.
  - 3. The method of claim 2, wherein the secure element is enclosed by tamper resistant packaging.
  - 4. The method of claim 1, further including the steps of:
    - receiving in the receiver a second control message together with a second service message, the second service message including a second encrypted portion of the instance of service, the second control message including a second decryptor;
      
      implementing the second decryptor of the second service message with the multi-session key to produce a second session key;
      
      decrypting the second encrypted portion of the instance of service of the second service message using the second session key.
  - 5. The method of claim 1, wherein the management message further includes authentication information, and further including the step of:
    - using the received authentication information to determine whether the management message is authentic, and wherein the multi-session key is used in the implementing step for producing the session key only if the management message is authentic.
  - 6. The method of claim 1, wherein the memory of the receiver includes a public key of a public key-private key pair for an entitlement agent that is associated with the instance of service, the authentication information of the management message is a digest of at least a portion of the management message that was processed by the private key of the entitlement agent, and the step of using the received authentication information to determine whether the management message is authentic further includes the steps of:
    - processing the processed digest with the public key of the entitlement agent thereby making a reprocessed digest;
      
      making a digest of at least a portion of the received management message; and
      
      comparing the digest with the reprocessed digest, wherein the management message is authentic when the digest is the same as the reprocessed digest.
  - 7. The method of claim 6, and further including the step of:
    - prior to the step of implementing decryptor of service of the service message with the multi-session key, determining that the service message is authentic, and wherein the session key is not produced when the service message is not authentic.
  - 8. The method of claim 7, wherein the step of determining whether the service message is authentic further includes the steps of:
    - making a second digest of at least a portion of the service message and of at least a portion of a secret stored in the memory of the receiver, wherein the secret is associated with the entitlement agent; and
      
      comparing the digest with authentication information that is included in the service message, wherein the service message is authentic when the second digest is the same as the authentication information of the service message.
  - 9. The method of claim 7, wherein the secret is the multi-session key.
  - 10. The method of claim 1, prior to the step of receiving a management message having an encrypted multi-session key further including the steps of:
    - receiving a first management message that is associated with an entitlement agent that is associated with the instance of service, the first management message having encrypted information that was encrypted by the public key of the receiver, the information including an indicator for the entitlement agent and receiver entitlement specification, wherein the receiver entitlement specification indicates the entitlement of the receiver to services associated with the entitlement agent;
      
      using the public key of the receiver to decrypt the encrypted information of the first management message;
      
      associating the receiver entitlement specification with the entitlement agent; and
      
      storing the receiver entitlement specification in the memory of the receiver.
  - 11. The method of claim 10, further including the step of authenticating the first management message at the receiver, wherein the first management message includes authentication information that is used by the receiver to authenticate the first management message.
  - 12. The method of claim 11, wherein the step of authenticating the first management message further includes the steps of:
    - making a digest of at least a portion of the decrypted information of the first management message;
      
      processing the authentication information with a public key of the entitlement agent associated with the first management message, wherein the public key of the entitlement agent associated with the first management message is stored in the memory of the receiver;
      
      comparing the digest with the processed authentication information and authenticating the first management message when the digest is the same as the processed authentication information.
  - 13. The method of claim 12, wherein the step of storing the receiver entitlement specification is performed only if the first management message has been authenticated.
  - 14. The method of claim 1, wherein the management message includes an indicator of the entitlement agent associated with the instance of service, the step of storing the multi-session key includes associating the multi-session key with the entitlement agent, the control message includes a second indicator of the entitlement agent, and further including the step of using the second indicator of the entitlement agent for retrieving the multi-session key from the memory of the receiver.
  - 15. The method of claim 14, wherein the control message includes an entitlement specifier that indicates an entitlement value for the instance of service, and further including the steps of:
    - determining from the value of the entitlement specifier and the receiver entitlement specification whether the receiver is entitled to decrypt the encrypted instance of service, and wherein the step of decrypting the encrypted portion of the instance of service is performed only when the receiver is entitled.
  - 16. The method of claim 1, wherein the decryptor included in the service message is an encrypted session key, and the implementing step includes decrypting the encrypted session key with the multi-session key to produce the session key.
  - 17. The method of claim 1, wherein the decryptor in the service message is a counter value, and the step of implementing includes encrypting the counter value with the multi-session key to produce the session key.
  - 18. The method of claim 1, wherein the receiver is included in a conditional access cable television system having head end equipment in communication with a plurality of entitlement agents that provide a plurality of services to the conditional access cable television system, the memory of the receiver has a plurality of public keys associated with the plurality of entitlement agents stored therein, the management message is associated with a particular entitlement agent of the plurality of entitlement agents, the particular entitlement agent being associated with the instance of service.
  - 19. The method of claim 1, wherein the instance of service is received in the receiver in a plurality of service messages, the plurality of service messages include a first set of service messages that were encrypted using a first encryption key and a second set of service messages that were encrypted using a second encryption key, and the first and second encryption keys are different.
  - 20. The method of claim 19, wherein the plurality of service messages conform to MPEG protocols.
  - 21. The method of claim 19, wherein receiver receives a first control message, which is associated with the instance of service, and the decryptor included therein is associated with the first encryption key, and the receiver receives a second control message, which is associated with the instance of service, and the decryptor included therein is associated with the second encryption key.
  - 22. The method of claim 21, wherein the decryptor included in the first control message is an encrypted first encryption key, the decryptor included in the second control message is an encrypted second encryption key, and the step of implementing produces a first session key using the encrypted first session key with the multi-session key and a second session key using the encrypted second encryption key with the multi-session key.
  - 23. The method of claim 21, wherein the decryptor included in the first control message is a first counter value, and the decryptor included in the second control message is a second counter value, and the step of implementing produces a first session key using the first counter value with the multi-session key and a second session key using the second counter value with the multi-session key.
  - 24. The method of claim 19, wherein the plurality of service messages include multiple sets of service messages, each set of service messages were encrypted with a different encryption key, and the receiver receives a plurality of control messages associated with the instance of service, each control message is associated with one set of service messages and the decryptor included therein is associated with the encryption key used for encrypting the one set of service messages.
  - 26. The receiver of claim 25, further including:
    - a secure element having the processor and the memory included therein, wherein the memory is accessible only to the processor of the secure element.
  - 27. The receiver of claim 26, wherein the secure element is enclosed by tamper resistant packaging.
  - 28. The receiver of claim 25, wherein the decryptor of the control message is a counter value, and wherein the counter value is encrypted with the multi-session key to make the service decryption key.
  - 29. The receiver of claim 25, wherein the decryptor of the control message is an encrypted key, and wherein the encrypted key is decrypted with the multi-session key to make the service decryption key.
  - 30. The receiver of claim 25, wherein the management message includes authentication information that is used by the processor to authenticate the management message, and wherein the processor stores the multi-session key in the memory only if the management message is authentic.
  - 31. The receiver of claim 30, wherein the memory further includes a public key of a second public key-private key pair for the entitlement agent, the authentication information of the management message includes a processed digest, which is a digest of at least a portion of the first message that was processed by the private key of the entitlement agent, and the processor is adapted to make a first digest by processing the processed digest with the public key of the entitlement agent and make a second digest of at least a portion of the first message, and the processor is further adapted to authenticate the first message by comparing the first digest with the second digest, wherein the message is authentic when the first and the second digests are the same.
  - 32. The receiver of claim 25, wherein the control message includes authentication information that is used to authenticate the control message, and wherein the processor makes the service decryption key only if the control message is authentic.
  - 33. The receiver of claim 32, the authentication information of the control message includes a first digest, and the processor is adapted to make a second digest of at least a portion of the control message and authenticate the control message by comparing the first digest with the second digest, wherein the message is authentic when the first and the second digests are the same.
  - 34. The receiver of claim 33, wherein the second digest includes a secret that is shared between the entitlement agent and the receiver.
  - 35. The receiver of claim 34, wherein the secret is the multi-session key.
  - 36. The receiver of claim 33, wherein the first digest is processed by the multi-session key.
  - 37. The receiver of claim 25, wherein the management message includes entitlement agent information that is associated with the entitlement agent, the multi-session key stored in the memory is associated with the entitlement agent information, the control message further includes multi-session key information used for identifying the multi-session key in the memory.
  - 38. The receiver of claim 37, wherein the control message further includes service identification information that is used by the processor to determine whether the processor should provide the service decryptor with the service decryption key for decrypting the encrypted instance of service.
  - 39. The receiver of claim 25, wherein the plurality of messages received in the receiver include a plurality of service messages and a plurality of control messages, the plurality of service messages include a first set of service messages that were encrypted using a first encryption key and a second set of service messages that were encrypted using a second encryption key, and the plurality of control messages include a first control message having a first decryptor included therein and a second control message having a second decryptor included therein, and the first decryptor is associated with the first encryption key and the second decryptor is associated with the second encryption key.
  - 40. The receiver of claim 39, wherein the first decryptor is an encrypted first encryption key, and the second decryptor is an encrypted second encryption key.
  - 41. The receiver of claim 39, wherein the first decryptor is a first counter value, and the second decryptor is a second counter value.
  - 42. The receiver of claim 25, wherein the plurality of messages received in the receiver include a plurality of service messages and a plurality of control messages, the plurality of service messages include multiple sets of service messages, each set of service messages include service messages that have been encrypted by a single encryption key, each control message of the plurality of control messages is associated with one set of service messages.
  - 43. The receiver of claim 42, wherein the control message that is associated with one particular set of service messages, which were encrypted by one particular encryption key, of the multiple sets of service messages includes a decryptor that is associated with the particular encryption key.
  - 44. The receiver of claim 43, wherein the decryptor is a counter value.
  - 45. The receiver of claim 43, wherein the decryptor is the particular encryption key, which has been encrypted using the multi-session key.
  - 46. The receiver of claim 42, wherein each set of service messages of the multiple sets of service messages is encrypted using a different single encryption key.

25. A receiver in a conditional access system for decrypting an instance of a service associated with an entitlement agent, the receiver comprising:
- a port adapted to receive a plurality of messages including a management message, a control message and a service message, the service message including an encrypted portion of the instance of service, the control message including a decryptor, the management message including an encrypted multi-session key;
  
  a memory adapted to store a plurality of keys including a private key of a public key-private key pair and the multi-session key;
  
  a processor in communication with the port and the memory, the processor adapted to use the private key to decrypt the encrypted multi-session key and store the multi-session key in the memory, the processor further adapted to make a service decryption key for decrypting the encrypted instance of service by implementing the decryptor with the multi-session key; and
  
  a service decryptor in communication with the processor, the service decryptor adapted to use the service decryption key to decrypt the encrypted instance of service.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Tech 5 SAS
Original Assignee
Anthony J. Wasilewski, Glendon L. Akins III, Howard G. Pinder, Michael S. Palgon
Inventors
Akins,, Glendon L. III, Pinder, Howard G., Wasilewski, Anthony J., Palgon, Michael S.

Granted Patent

US 6,510,519 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/239
CPC Class Codes

H04J 2203/008   Support of video

H04L 2463/101   applying security measures ...

H04L 63/04   for providing a confidentia...

H04L 63/0428   wherein the data content is...

H04L 63/0442   wherein the sending and rec...

H04L 63/045   wherein the sending and rec...

H04L 63/062   for key distribution, e.g. ...

H04L 63/0823   using certificates cryptogr...

H04L 63/12   Applying verification of th...

H04L 63/123   received data contents, e.g...

H04L 63/126   the source of the received ...

H04N 21/2265   Server identification by a ...

H04N 21/23476   by partially encrypting, e....

H04N 21/26606   for generating or managing ...

H04N 21/426   Internal components of the ...

H04N 21/4405   involving video stream decr...

H04N 21/4524   involving the geographical ...

H04N 21/63345   by transmitting keys key di...

H04N 7/162   Authorising the user termin...

H04N 7/163   by receiver means only

H04N 7/1675 : Providing digital key or au...

H04N 7/17354 : in an intermediate station ...

View All

Conditional access system

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

274 Citations

46 Claims

Specification

Solutions

Use Cases

Quick Links

Conditional access system

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

274 Citations

46 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links