PREVENTING THE USE OF MODIFIED RECEIVER FIRMWARE IN RECEIVERS OF A CONDITIONAL ACCESS SYSTEM

US 20110191589A1
Filed: 02/02/2011
Published: 08/04/2011
Est. Priority Date: 02/03/2010
Status: Active Grant

First Claim

Patent Images

1. A receiver comprising:

a descrambler configured to descramble scrambled content using a control word to obtain descrambled content;

a decrypter configured to decrypt an encrypted control word using a response to obtain the control word;

a firmware memory; and

a probe module configured to receive a challenge indicative of one or more locations in the firmware memory and to read data from the one or more locations in the firmware memory, the data forming the response.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention enables the shared secret, which is used for encrypting the communication of CWs from a smartcard to a receiver, to cover at least a part of a binary image of firmware that is executing in the receiver. Preferably the shared secret covers the entire binary image of the firmware. Hereto, data from one or more predefined firmware memory locations are read, the set of data forming the shared secret.

7 Citations

View as Search Results

15 Claims

1. A receiver comprising:
- a descrambler configured to descramble scrambled content using a control word to obtain descrambled content;
  
  a decrypter configured to decrypt an encrypted control word using a response to obtain the control word;
  
  a firmware memory; and
  
  a probe module configured to receive a challenge indicative of one or more locations in the firmware memory and to read data from the one or more locations in the firmware memory, the data forming the response.
- View Dependent Claims (2, 7, 8, 9, 10, 11)
- - 2. The receiver according to claim 1, wherein the probe module is further configured to receive a further challenge and to calculate a further response using the response and the further challenge;
    - and/or wherein the decrypter is configured to decrypt a further encrypted control word using the further response to obtain a further control word; and
      
      /or wherein the descrambler is configured to descramble further scramble content using the further control word to obtain further descrambled content.
  - 7. A head-end system comprising a memory configured to store a copy of a firmware memory of the receiver according to claim 1, wherein the head-end system is configured to generate a challenge response pair, wherein the challenge is indicative of one or more locations in the firmware memory and the response is formed by data read from the one or more locations in the firmware memory, and further configured to encrypt the challenge response pair and transmit the encrypted challenge response pair to the smartcard according to claim 3.
  - 8. The head-end system according to claim 7, wherein the encrypted challenge-response pair is transmitted in an entitlement management message and wherein the head-end system is configured to transmit an encrypted control word to the smartcard in an entitlement control message.
  - 9. The head-end system according to claim 7, wherein the encrypted challenge-response pair is transmitted in an entitlement control message and wherein entitlement control message further comprises an encrypted control word.
  - 10. A conditional access system comprising the receiver according to claim 1 that is communicatively directly connected to the smartcard according to claim 3, the conditional access system further comprising a further receiver that is communicatively connected to the receiver via a network, wherein the further receiver uses the smartcard to obtain a control word for descrambling scrambled content in the further receiver.
  - 11. The conditional access system according to claim 10, further comprising the head-end system according to claim 7.

3. A smartcard comprising:
- a key memory configured to store a first key and a second key;
  
  a first decrypter configured to decrypt one or more encrypted challenge-response pairs using the second key from the key memory to obtain one or more decrypted challenge response pairs;
  
  a memory configured to store the one or more challenge-response pairs;
  
  a second decrypter configured to decrypt an encrypted control word using the first key from the key memory to obtain a control word;
  
  an encrypter configured to encrypt the control word using a response of one of the challenge-response pairs stored in the memory to obtain a re-encrypted control word,wherein the smartcard is configured to transmit the re-encrypted control word and a challenge of the one of the challenge-response pairs to a receiver, and wherein the challenge is indicative of one or more locations in a firmware memory of the receiver, data in the one or more locations in the firmware forming the response enabling the receiver to decrypt the encrypted control word.
- View Dependent Claims (6)
- - 6. The smartcard according to claim 3, further configured to receive identification data from the receiver, wherein the response is linked to a particular identification data, and wherein the memory is configured to store only the challenge response pairs for which the particular identification data matches the received identification data.

4. A smartcard comprising:
- a key memory configured to store a key;
  
  a decrypter configured to decrypt an encrypted control word, an encrypted challenge and two or more encrypted responses using the key from the key memory to obtain a control word, a challenge and two or more responses, respectively, wherein each response forms a challenge-response pair with the challenge for a particular receiver;
  
  an encrypter configured to encrypt the control word using a response of one of the challenge response pairs to obtain a re-encrypted control word,wherein the smartcard is configured to transmit the re-encrypted control word and the challenge of the one of the challenge-response pairs to a receiver, and wherein the challenge is indicative of one or more locations in a firmware memory of the receiver, data in the one or more locations in the firmware forming the response enabling the receiver to decrypt the encrypted control word.
- View Dependent Claims (5)
- - 5. The smartcard according to claim 4, further comprising a memory configured to store one or more of the challenge response pairs.

12. A method in a receiver comprising:
- descrambling scrambled content using a control word to obtain descrambled content;
  
  decrypting an encrypted control word using a response to obtain the control word;
  
  receiving a challenge indicative of one or more locations in a firmware memory of the receiver; and
  
  reading data from the one or more locations in the firmware memory, the data forming the response.
- View Dependent Claims (13)
- - 13. The method according to claim 12, further comprising:
    - receiving a further challenge;
      
      calculating a further response using the response and the further challenge;
      
      decrypting a further encrypted control word using the further response to obtain a further control word; and
      
      descrambling further scramble content using the further control word to obtain further descrambled content.

14. A method in a smartcard comprising:
- decrypting one or more encrypted challenge response pairs using a second key to obtain one or more decrypted challenge response pairs;
  
  storing the one or more challenge response pairs) in a memory;
  
  decrypting an encrypted control word using a first key to obtain a control word;
  
  encrypting the control word using a response of one of the challenge response pairs stored in the memory to obtain a re-encrypted control word; and
  
  transmitting the re-encrypted control word and a challenge of the one of the challenge response pairs to a receiver,wherein the challenge is indicative of one or more locations in a firmware memory of the receiver, data in the one or more locations in the firmware forming the response enabling the receiver to decrypt the encrypted control word.

15. A method in a smartcard comprising:
- decrypting an encrypted control word, an encrypted challenge and two or more encrypted responses using a key to obtain a control word, a challenge and two or more responses, respectively, wherein each response forms a challenge response pair with the challenge for a particular receiver;
  
  encrypting the control word using a response of one of the challenge response pairs to obtain a re-encrypted control word; and
  
  transmitting the re-encrypted control word and the challenge of the one of the challenge response pairs to a receiver,wherein the challenge is indicative of one or more locations in a firmware memory of the receiver, data in the one or more locations in the firmware forming the response enabling the receiver to decrypt the encrypted control word.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Irdeto B.V. (MultiChoice Group Ltd.)
Original Assignee
Irdeto B.V. (MultiChoice Group Ltd.)
Inventors
Dekker, Gerard Johan

Granted Patent

US 9,077,854 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/172
CPC Class Codes

G06F 21/10   Protecting distributed prog...

H04N 21/25808   Management of client data t...

H04N 21/26606   for generating or managing ...

H04N 21/4181   for conditional access

H04N 21/4367   Establishing a secure commu...

H04N 21/4623   Processing of entitlement m...

H04N 21/8166   involving executable data, ...

H04N 7/163   by receiver means only

PREVENTING THE USE OF MODIFIED RECEIVER FIRMWARE IN RECEIVERS OF A CONDITIONAL ACCESS SYSTEM

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

7 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

PREVENTING THE USE OF MODIFIED RECEIVER FIRMWARE IN RECEIVERS OF A CONDITIONAL ACCESS SYSTEM

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

7 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links