SECURELY PROVIDING A CONTROL WORD FROM A SMARTCARD TO A CONDITIONAL ACCESS MODULE

US 20100211797A1
Filed: 02/10/2010
Published: 08/19/2010
Est. Priority Date: 02/13/2009
Status: Abandoned Application

First Claim

Patent Images

1. A method for securely providing a control word from a smartcard to a conditional access module of a receiver, the receiver being configured for interaction with a user, the method comprising the steps in the smartcard of:

obtaining diversification data from at least one of the smartcard and the conditional access module, the diversification data being dependent on the user interaction;

generating an encryption key using a diversification function having as input the diversification data and having as output the encryption key;

encrypting the control word using the encryption key to obtain an encrypted control word;

if the diversification data is obtained from the smartcard, providing the diversification data to the conditional access module for generating a decryption key to decrypt the encrypted control word; and

providing the encrypted control word to the conditional access module.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Various embodiments of the invention provide a method, a smartcard, a conditional access module (CAM) of a receiver and a receiver, such as e.g. a set-top box, for securely providing a control word from the smartcard to the CAM. In various embodiments, diversification data from the smartcard and the CAM is used to make the encryption key and decryption key to encrypt and decrypt the control word in the smartcard and CAM, respectively, dependent on a user interaction with the receiver, such as e.g. selecting a service in the set-top box.

Citations

19 Claims

1. A method for securely providing a control word from a smartcard to a conditional access module of a receiver, the receiver being configured for interaction with a user, the method comprising the steps in the smartcard of:
- obtaining diversification data from at least one of the smartcard and the conditional access module, the diversification data being dependent on the user interaction;
  
  generating an encryption key using a diversification function having as input the diversification data and having as output the encryption key;
  
  encrypting the control word using the encryption key to obtain an encrypted control word;
  
  if the diversification data is obtained from the smartcard, providing the diversification data to the conditional access module for generating a decryption key to decrypt the encrypted control word; and
  
  providing the encrypted control word to the conditional access module.
- View Dependent Claims (2, 3)
- - 2. The method according to claim 1, further comprising the step of generating in the smartcard a hash value using a hashing function having as input the control word, a previous control word and a previous hash value, and wherein the diversification function has the hash value and the diversification data as input.
  - 3. The method according to claim 1, wherein the step of generating the encryption key includes the step of encrypting the encryption key to obtain an encrypted encryption key and the output is the encrypted encryption key, and wherein the encrypted encryption key is used as encryption key to encrypt the control word.

4. A method for securely obtaining a control word in a conditional access module of a receiver from a smartcard, the receiver being configured for interaction with a user, the method comprising the steps in the conditional access module of:
- obtaining diversification data from at least one of the conditional access module and the smartcard, the diversification data being dependent on the user interaction;
  
  if the diversification data is obtained from the conditional access module, providing the diversification data to the smartcard for generating an encrypted control word;
  
  generating a decryption key using a diversification function having as input the diversification data and having as output the decryption key;
  
  receiving the encrypted control word from the smartcard; and
  
  decrypting the encrypted control word using the decryption key to obtain the control word.
- View Dependent Claims (5, 6)
- - 5. The method according to claim 4, further comprising the step of generating in the conditional access module a hash value using a hashing function having as input the control word, a previous control word and a previous hash value, and wherein the diversification function has the hash value and the diversification data as input.
  - 6. The method according to claim 4, wherein the step of generating the decryption key includes the step of encrypting the decryption key to obtain an encrypted decryption key and the output is the encrypted decryption key, and wherein the encrypted decryption key is used as decryption key to decrypt the encrypted control word.

7. A smartcard for securely providing a control word to a conditional access module of a receiver, the receiver being configured for interaction with a user, the smartcard comprising:
- at least one of a first detector and a second detector, wherein the first detector is configured to detect a first user interaction and to generate first diversification data dependent on a first user interaction, and wherein the second detector is configured to obtain from the conditional access module second diversification data dependent a second user interaction;
  
  an encryption key generator configured to generate an encryption key with a diversification function having as input at least one of the first and second diversification data and having as output the encryption key; and
  
  an encryptor configured to encrypt the control word using the encryption key to obtain an encrypted control word,wherein the smartcard is configured to provide the encrypted control word to the conditional access module.
- View Dependent Claims (8, 9, 10)
- - 8. The smartcard according to claim 7, further comprising a hash generator configured to generate a hash value with a hashing function using as input the control word, a previous control word and a previous hash value, and wherein the diversification function has the hash value and the at least one of the first and second diversification data as input to generate the encryption key.
  - 9. The smartcard according to claim 7, wherein the encryption key generator is further configured to encrypt the encryption key to obtain an encrypted encryption key and the output is the encrypted encryption key, and wherein the encrypted encryption key is used as encryption key to encrypt the control word.
  - 10. The smartcard according to claim 7, wherein the diversification function comprises a software code portion that is protected by white-box cryptography or software code obfuscation.

11. A conditional access module of a receiver for securely obtaining a control word from a smartcard, the receiver being configured for interaction with a user, wherein the conditional access module is configured to receive an encrypted control word from the smartcard, the conditional access module comprising:
- at least one of a first detector and a second detector, wherein the first detector is configured to detect a first user interaction and to generate first diversification data dependent on the first user interaction, and wherein the second detector is configured to obtain from the smartcard second diversification data dependent on a second user interaction;
  
  a decryption key generator configured to generate a decryption key with a diversification function having as input at least one of the first and second diversification data and having as output the decryption key; and
  
  a decryptor configured to decrypt the encrypted control word using the decryption key to obtain the control word.
- View Dependent Claims (12, 13, 14)
- - 12. The conditional access module according to claim 11, further comprising a hash generator configured to generate a hash value with a hashing function using as input the control word, a previous control word and a previous hash value, and wherein the diversification function has the hash value and the at least one of the first and second diversification data as input to generate the decryption key.
  - 13. The conditional access module according to claim 11, wherein the decryption key generator is further configured to encrypt the decryption key to obtain an encrypted decryption key and the output is the encrypted decryption key, and wherein the encrypted decryption key is used as decryption key to decrypt the encrypted control word.
  - 14. The conditional access module according to claim 11, wherein the diversification function comprises a software code portion that is protected by white-box cryptography or software code obfuscation.

15. A receiver for descrambling scrambled data, comprising:
- a first descrambler configured to descramble a first part of the scrambled data;
  
  a second descrambler configured to descramble a second part of the scrambled data; and
  
  a conditional access module of the receiver for securely obtaining a control word from a smartcard, the receiver being configured for interaction with a user, wherein the conditional access module is configured to receive an encrypted control word from the smartcard, the conditional access module including;
  
  at least one of a first detector and a second detector, wherein the first detector is configured to detect a first user interaction and to generate first diversification data dependent on the first user interaction, and wherein the second detector is configured to obtain from the smartcard second diversification data dependent on a second user interaction,a decryption key generator configured to generate a decryption key with a diversification function having as input at least one of the first and second diversification data and having as output the decryption key, anda decryptor configured to decrypt the encrypted control word using the decryption key to obtain the control word;
  
  wherein the first descrambler is configured to use the control word obtained by the conditional access module to descramble the first part of the scrambled data.
- View Dependent Claims (16, 17, 18, 19)
- - 16. The receiver according to claim 15, wherein the scrambled data is a digital video stream, the first part is an audio component of the digital video stream and the second part is a video component of the digital video stream.
  - 17. The receiver according to claim 15, wherein the conditional access module further comprising a hash generator configured to generate a hash value with a hashing function using as input the control word, a previous control word and a previous hash value, and wherein the diversification function has the hash value and the at least one of the first and second diversification data as input to generate the decryption key.
  - 18. The receiver according to claim 15, wherein the decryption key generator is further configured to encrypt the decryption key to obtain an encrypted decryption key and the output is the encrypted decryption key, and wherein the encrypted decryption key is used as decryption key to decrypt the encrypted control word.
  - 19. The receiver according to claim 15, wherein the diversification function comprises a software code portion that is protected by white-box cryptography or software code obfuscation.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Irdeto B.V. (MultiChoice Group Ltd.)
Original Assignee
Irdeto Access B.V. (MultiChoice Group Ltd.)
Inventors
Westerveld, Egbert, Wajs, Andrew Augustine

Application Number

US12/703,482
Publication Number

US 20100211797A1
Time in Patent Office

Days
Field of Search
US Class Current

713/185
CPC Class Codes

H04L 2209/16   Obfuscation or hiding, e.g....

H04L 9/0822   using key encryption key

H04N 21/4112   having fewer capabilities t...

H04N 21/4181   for conditional access

H04N 21/4367   Establishing a secure commu...

H04N 21/4623   Processing of entitlement m...

H04N 7/165   Centralised control of user...

SECURELY PROVIDING A CONTROL WORD FROM A SMARTCARD TO A CONDITIONAL ACCESS MODULE

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

SECURELY PROVIDING A CONTROL WORD FROM A SMARTCARD TO A CONDITIONAL ACCESS MODULE

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links