METHOD FOR PROVIDING ACCESS CONTROL TO MEDIA SERVICES

US 20100299528A1
Filed: 05/24/2010
Published: 11/25/2010
Est. Priority Date: 05/25/2009
Status: Active Grant

First Claim

Patent Images

1. A method for allowing a receiving device comprising a security module to access media services encrypted under at least a control word, said access being subject to at least the presence of a right in said security module, the method comprising:

receiving an entitlement management message comprising at least said right and verification data;

processing the entitlement management message at least to check the verification data;

during the processing of said entitlement management message, building a signature value through a plurality of predetermined operations at intervals within said processing step;

deriving a digest (KRi) from at least a part of said signature value;

in response to said entitlement management message being valid, recording the right into a rights database together with the digest;

receiving an entitlement control message (ECM) comprising an encrypted control word and an access condition referring to said right;

processing said entitlement control message at least to verify whether the right referred to by said access condition is present in the rights database;

retrieving a digest corresponding to the right referred to by the access condition; and

decrypting the encrypted control word using said digest.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention proposes a solution to prevent a program flow in a processing unit from being modified with respect to an intended program flow, thereby ensuring that important steps such as verifying or authenticating are not bypassed. The invention is particularly aimed at security modules within receiver/decoders in a pay-TV system and involves performing a set of predetermined operations during the processing of entitlement management messages and/or entitlement control messages, said operations being redundant with respect to the normal processing of said messages while leading to the calculation of keys which can then be used to verify that the intended program flow has been respected.

54 Citations

View as Search Results

10 Claims

1. A method for allowing a receiving device comprising a security module to access media services encrypted under at least a control word, said access being subject to at least the presence of a right in said security module, the method comprising:
- receiving an entitlement management message comprising at least said right and verification data;
  
  processing the entitlement management message at least to check the verification data;
  
  during the processing of said entitlement management message, building a signature value through a plurality of predetermined operations at intervals within said processing step;
  
  deriving a digest (KRi) from at least a part of said signature value;
  
  in response to said entitlement management message being valid, recording the right into a rights database together with the digest;
  
  receiving an entitlement control message (ECM) comprising an encrypted control word and an access condition referring to said right;
  
  processing said entitlement control message at least to verify whether the right referred to by said access condition is present in the rights database;
  
  retrieving a digest corresponding to the right referred to by the access condition; and
  
  decrypting the encrypted control word using said digest.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method according to claim 1, wherein the control word is encrypted by a global EMM key, said method further comprising the steps of:
    - pre-storing in the security module at least one cryptogram related to said right, said cryptogram representing the global EMM key encrypted by the digest;
      
      during the processing of the entitlement control message, retrieving the cryptogram related to the selected right;
      
      decrypting the retrieved cryptogram with the digest to obtain the global EMM key; and
      
      using the global EMM key to decrypt the encrypted control word to obtain the control word.
  - 3. The method according to claim 1, wherein said right refers to one of a plurality of different possible categories of rights, the control word being encrypted by said global EMM key, said method further comprising the steps of:
    - pre-storing in the security module a plurality of cryptograms each being related to one of said categories, each cryptogram representing the global EMM key encrypted by the digest pertaining to said category;
      
      during the processing of the entitlement control message, determining the category referred to by said access condition and retrieving the cryptogram corresponding to the category thus determined; and
      
      decrypting the retrieved cryptogram with the digest corresponding to said category to obtain the global EMM key.
  - 4. The method according to claim 2, wherein the control word is double encrypted by the global EMM key and a global ECM key, said method further comprising the steps of:
    - during the processing of said entitlement control message, locally building an ECM key equivalent to the global ECM key through a plurality of predetermined operations at intervals within said processing step; and
      
      decrypting the double encrypted control word using the resulting ECM key to obtain the encrypted control word.
  - 5. The method according to claim 4, wherein the entitlement management message further comprises a parameterized key and wherein at least one parameter can be derived from said electronic management message, said method further comprising the steps of:
    - while determining the digest, using the at least one parameter from the entitlement management message to calculate an individual signature value related to said entitlement management message;
      
      extracting the parameterized key from the entitlement management message; and
      
      decrypting the parameterized key with the calculated individual signature value to obtain the digest.

6. A receiving device comprising a security module to access media services encrypted under at least a control word, said access being subject to at least the presence of a right in said security module, said security module comprising:
- a processor; and
  
  a database connected to the processor;
  
  wherein the processor is configured to perform the steps of;
  
  receiving an entitlement management message comprising at least said right and verification data;
  
  processing the entitlement management message at least to check the verification data;
  
  during the processing of said entitlement management message, building a signature value through a plurality of predetermined operations at intervals within said processing step;
  
  deriving a digest from at least a part of said signature value;
  
  in response to said entitlement management message being valid, recording the right into a rights database together with the digest;
  
  receiving an entitlement control message comprising an encrypted control word and an access condition referring to said right;
  
  processing said entitlement control message at least to verify whether the right referred to by said access condition is present in the rights database;
  
  retrieving the corresponding digest corresponding to the right referred to by the access condition; and
  
  decrypting the encrypted control word using said digest.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The receiving device according to claim 6, wherein the control word is encrypted by a global EEM key, and wherein the processor is further configured to perform steps of:
    - pre-storing in the security module at least one cryptogram related to said right, said cryptogram representing the global EMM key encrypted by the digest;
      
      during the processing of the entitlement control message, retrieving the cryptogram related to the selected right;
      
      decrypting the retrieved cryptogram with the digest to obtain the global EMM key; and
      
      using the global EMM key to decrypt the encrypted control word to obtain the control word.
  - 8. The receiving device according to claim 6, wherein said right refers to one of a plurality of different possible categories of rights, the control word being encrypted by said global EMM key, and wherein the processor is further configured to perform steps of:
    - pre-storing in the security module a plurality of cryptograms each being related to one of said categories, each cryptogram representing the global EMM key encrypted by the digest pertaining to said category;
      
      during the processing of the entitlement control message, determining the category referred to by said access condition and retrieving the cryptogram corresponding to the category thus determined; and
      
      decrypting the retrieved cryptogram with the digest corresponding to said category to obtain the global EMM key.
  - 9. The receiving device according to claim 6, wherein the control word is double encrypted by the global EMM key and a global ECM key, and wherein the processor is further configured to perform steps of:
    - during the processing of said entitlement control message, locally building an ECM key equivalent to the global ECM key through a plurality of predetermined operations at intervals within said processing step; and
      
      decrypting the double encrypted control word using the resulting ECM key to obtain the encrypted control word.
  - 10. The receiving device according to claim 9, wherein the entitlement management message further comprises a parameterized key, wherein at least one parameter can be derived from said electronic management message, and wherein the processor is further configured to perform steps of:
    - while determining the digest, using the at least one parameter from the entitlement management message to calculate an individual signature value related to said entitlement management message;
      
      extracting the parameterized key from the entitlement management message; and
      
      decrypting the parameterized key with the calculated individual signature value to obtain the digest.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nagravision SA (Kudelski SA)
Original Assignee
Nagravision SA (Kudelski SA)
Inventors
Le Floch, Dominique

Granted Patent

US 8,522,036 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/179
CPC Class Codes

H04N 21/26606   for generating or managing ...

H04N 21/4181   for conditional access

H04N 21/4623   Processing of entitlement m...

H04N 7/1675   Providing digital key or au...

METHOD FOR PROVIDING ACCESS CONTROL TO MEDIA SERVICES

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

54 Citations

10 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD FOR PROVIDING ACCESS CONTROL TO MEDIA SERVICES

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

54 Citations

10 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links