Methods and apparatus for uniquely encrypting data at a plurality of data transmission sites for transmission to a reception site
First Claim
1. A method for uniquely encrypting a set of data at each of a plurality N of transmission sites for transmission to and subsequent decryption at at least one reception site comprising the steps of:
- (a) providing each transmission site with a broadcast key unique to that transmission site and a system key that is the same for all transmission sites, said system key comprising a plurality S of bits and each of said broadcast keys comprising a unique plurality B of bits, wherein B is less than S;
(b) convolving in a predetermined manner at each transmission site the system key and the broadcast key unique to that transmission site to generate a unique data encryption key for that transmission site, said unique encryption key comprising a third number E of bits, E being at least greater than B;
(c) encrypting a set of data at each transmission site with the unique data encryption key generated at that site; and
(d) transmitting the sets of data uniquely encrypted at each transmission site to the reception site;
wherein there is stored, in a memory at the reception site, the system key and each of said broadcast keys for regenerating at the reception site, for the purpose of decrypting any one of said encrypted sets of data, the unique data encryption keys used to encrypt said sets of data at each respective transmission site, the memory capacity necessary to store the system key and the broadcast keys at the reception site being no greater than ((N×
B)+S) bits.
3 Assignments
0 Petitions
Accused Products
Abstract
In a data transmission system comprising a plurality N of transmission sites and at least one reception site, a set of data at each transmission site is uniquely encrypted by (a) providing each transmission site with a broadcast key unique to that transmission site and a system key that is the same for all transmission sites, the system key comprising a plurality S of bits and each of the broadcast keys comprising a unique plurality B of bits, wherein B is less than S; (b) convolving in a predetermined manner at each transmission site the system key and the broadcast key unique to that transmission site to generate a unique data encryption key for that transmission site; (c) encrypting the set of data at each transmission site with the unique data encryption key generated at that site. The sets of data uniquely encrypted at each transmission site are then transmitted to the reception site. There is stored, in a memory at the reception site, the system key and the of said broadcast keys to enable a selected one of the encrypted sets of data to be decrypted at the reception site. The memory capacity necessary to store the system key and the broadcast keys at the reception site is no greater than ((N×B)+S) bits. Alternatively, a plurality N of data sets at a single transmission site are encrypted in this manner.
-
Citations
45 Claims
-
1. A method for uniquely encrypting a set of data at each of a plurality N of transmission sites for transmission to and subsequent decryption at at least one reception site comprising the steps of:
-
(a) providing each transmission site with a broadcast key unique to that transmission site and a system key that is the same for all transmission sites, said system key comprising a plurality S of bits and each of said broadcast keys comprising a unique plurality B of bits, wherein B is less than S; (b) convolving in a predetermined manner at each transmission site the system key and the broadcast key unique to that transmission site to generate a unique data encryption key for that transmission site, said unique encryption key comprising a third number E of bits, E being at least greater than B; (c) encrypting a set of data at each transmission site with the unique data encryption key generated at that site; and (d) transmitting the sets of data uniquely encrypted at each transmission site to the reception site; wherein there is stored, in a memory at the reception site, the system key and each of said broadcast keys for regenerating at the reception site, for the purpose of decrypting any one of said encrypted sets of data, the unique data encryption keys used to encrypt said sets of data at each respective transmission site, the memory capacity necessary to store the system key and the broadcast keys at the reception site being no greater than ((N×
B)+S) bits. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. In a data transmission system comprising a plurality N of transmission sites and at least one reception site wherein there is a system key common to all transmission sites and a broadcast key unique to each site, and wherein said system key comprises a first number S of bits and each of said broadcast keys comprises a second number B of bits wherein B is less than S, a method for uniquely encrypting a set of data at a transmission site comprising the steps of:
-
(a) providing at the transmission site the system key and the broadcast key unique to that site; (b) convolving the system key and the broadcast key unique to that site to generate a unique data encryption key for that transmission site, said unique data encryption key comprising a third number E of bits wherein E is at least greater than B; (c) encrypting a set of data at the transmission site with the unique data encryption key generated at that transmission site; and (d) transmitting the set of data uniquely encrypted at the transmission site to the reception site; wherein there is stored, in a memory at the reception site, the system key and each of said broadcast keys for regenerating at the reception site, for the purpose of decrypting any one of said encrypted sets of data, the unique data encryption keys used to encrypt said sets of data at each respective transmission site, the memory capacity necessary to store the system key and the broadcast keys at the reception site being no greater than ((N×
B)+S) bits. - View Dependent Claims (10, 11, 12, 13, 14, 15)
-
-
16. In a data transmission system comprising a plurality N of transmission sites and at least one reception site wherein each transmission site is provided with a broadcast key unique to that transmission site and a system key that is the same for all transmission sites, said system key comprising a first number S of bits and each of said broadcast keys comprising a second number B of bits where B is less than S, and wherein at each transmission site the system key and the broadcast key unique to that site are convolved in a predetermined manner to generate a unique data encryption key, the unique data encryption key generated at each site being used at that site to encrypt a set of data for transmission to the reception site, and further wherein there is stored, in a memory at the reception site, the system key and each of said broadcast keys, a method for decrypting at the reception site an encrypted set of data transmitted from a selected one of said transmission sites comprising the steps of:
-
(a) receiving the encrypted set of data transmitted from the selected one of the transmission sites; (b) retrieving from the memory at the reception site the system key and the broadcast key unique to the selected transmission site; (c) convolving the retrieved system key and retrieved broadcast key in said predetermined manner to reproduce the unique data encryption key generated at the selected transmission site; and (d) decrypting the encrypted data with the reproduced encryption key; wherein the memory capacity necessary to store the system key and the broadcast keys at the reception site is no greater than ((N×
B)+S) bits. - View Dependent Claims (17, 18, 19, 20)
-
-
21. A method for uniquely encrypting each of a plurality N of data sets at a transmission site for transmission to at least one reception site, said method comprising the steps of:
-
(a) providing a broadcast key for each data set that is unique to that data set and a system key that is the same for each data set, said system key comprising a first number S of bits and each of said broadcast keys comprising a second number B of bits, wherein B is less than S; (b) convolving in a predetermined manner, for each data set, the system key and the broadcast key unique to that data set to generate a unique data encryption key for that data set, the unique data encryption key comprising a third number E of bits, E being at least greater than B; (c) encrypting each data set with the unique data encryption key generated for that set; and (d) transmitting each uniquely encrypted data set to the reception site; wherein there is stored, in a memory at the reception site, the system key and each of said broadcast keys regenerating at the reception site, for the purpose of decrypting any one of said encrypted sets of data, the unique data encryption keys used to encrypt each of said sets of data at the transmission site, the memory capacity necessary to store the system key and the broadcast keys at the reception site being no greater than ((N×
B)+S) bits. - View Dependent Claims (22, 23, 24, 25)
-
-
26. In a data transmission system wherein each of a plurality N of data sets is uniquely encrypted at a transmission site by (a) providing a broadcast key for each data set that is unique to that data set and a system key that is the same for each data set, said system key comprising a first number S of bits and each of said broadcast keys comprising a second number B of bits where B is less than S, (b) convolving in a predetermined manner, for each data set, the system key and the broadcast key unique to that data set to generate a unique data encryption key for that data set, and (c) encrypting each data set with the unique data encryption key generated for that set, and wherein each of the uniquely encrypted data sets is transmitted to at least one reception site, and further wherein there is stored, in a memory at the reception site, the system key and each of said broadcast keys, a method for decrypting a selected one of said uniquely encrypted data sets at the reception site comprising the steps of:
-
(a) receiving the selected encrypted data set at the reception site; (b) retrieving from the memory at the reception site the system key and the broadcast key unique to the selected data set; (c) convolving the retrieved system key and retrieved broadcast key in said predetermined manner to reproduce the unique data encryption key generated at the transmission site; and (d) decrypting the encrypted data set with the reproduced encryption key; wherein the memory capacity necessary to store the system key and the broadcast keys at the reception site is no greater than ((N×
B)+S) bits. - View Dependent Claims (27, 28, 29, 30)
-
-
31. In a pay television system wherein a plurality N of programmer sites each transmit program data to at least one reception site, and wherein each programmer encrypts the program data transmitted from that site with locally generated program keys, the program keys being transmitted by each programmer to the reception site along with the encrypted program data, and wherein there is a broadcast key unique to each programmer site and a system key that is the same for all programmer sites, said system key comprising a first number S of bits and each of said broadcast keys comprising a second number B of bits where B is less than S, a method for uniquely encrypting the program keys at a programmer site for transmission to the reception site comprising the steps of:
-
(a) providing at the programmer site the system key and the broadcast key unique to that programmer site; (b) convolving, in a predetermined manner, the system key and the broadcast key for that programmer site to generate a unique encryption key for that programmer site, the unique encryption key comprising a third number E of bits, E being at least greater than B; (c) encrypting the program keys with the unique encryption key generated at that programmer site; and (d) transmitting the encrypted program keys to the reception site, there being stored, in a memory at the reception site, the system key and each of said broadcast keys for regenerating at the reception site, for the purpose of decrypting the encrypted program keys transmitted from any one of said programmer sites, the unique data encryption keys used to encrypt the program keys at each of said programmer sites; wherein the memory capacity necessary to store the system key and the broadcast keys at the reception site being no greater than ((N×
B)+S) bits. - View Dependent Claims (32, 33, 34, 35)
-
-
36. In a pay television system wherein a plurality N of programmer sites each transmit program data to at least one reception site, and wherein each programmer encrypts the program data transmitted from that site with locally generated program keys, and wherein there is a broadcast key unique to each programmer site and a system key that is the same for all programmer sites, said system key comprising a first number S of bits and each of said broadcast keys comprising a second number B of bits where B is less than S, and wherein the program keys locally generated at each programmer site are encrypted by (a) providing at the programmer site the system key and the broadcast key unique to that programmer site, (b) convolving, in a predetermined manner, the system key and the broadcast key for that programmer site to generate a unique encryption key for that programmer site, and (c) encrypting the program keys at that programmer site with the unique encryption key generated at that programmer site, and wherein each programmer transmits its respective encrypted program keys and encrypted program data to the reception site, and further wherein there is stored, in a memory at the reception site, the system key and each of said broadcast keys, a method for decrypting, at the reception site, the program keys and program data transmitted from a selected one of the programmer sites comprising the steps of:
-
(a) receiving the encrypted program data and the encrypted program keys transmitted from the selected programmer site; (b) retrieving from the memory at the reception site the system key and the broadcast key unique to the selected programmer site; (c) convolving the retrieved system key and retrieved broadcast key in said predetermined manner to reproduce the unique encryption key generated at the selected programmer site; (d) decrypting the encrypted program keys with the reproduced encryption key; and (e) decrypting the encrypted program data with the decrypted program keys; wherein the memory capacity necessary to store the system key and the broadcast keys at the reception site is no greater than ((N×
B)+S) bits.
-
-
37. A data transmission system comprising a plurality N of transmission sites that each transmit a set of data to at least one reception site, there being a system key common to all transmission sites and a broadcast key unique to each site, said system key comprising a first number S of bits and each of said broadcast keys comprising a second number B of bits wherein B is less than S, each of said transmission sites having an encrypting apparatus comprising:
-
means for convolving, in a predetermined manner, the system key and the broadcast key unique to that transmission site to generate a unique data encryption key for that site; an encryptor for encrypting a set of data with the unique data encryption key; and means for transmitting the encrypted set of data to the reception site, said reception site having a decrypting apparatus comprising; a memory for storing the system key and each of said broadcast keys, the storage capacity of the memory necessary to store the system key and each of the broadcast keys being no greater than ((N×
B)+s) bits;means for receiving an encrypted set of data transmitted from a selected one of said transmission sites; means coupled to the memory for retrieving from the memory the system key and the broadcast key unique to the selected transmission site and for convolving the retrieved system key and the retrieved broadcast key in said predetermined manner to reproduce the unique data encryption key generated at the selected transmission site; and a decryptor that decrypts the received set of data with the reproduced encryption key. - View Dependent Claims (38, 39, 40)
-
-
41. Encrypting apparatus for use in a data transmission system comprising a plurality N of transmission sites and at least one reception site wherein there is a system key common to all transmission sites and a broadcast key unique to each transmission site, said system key comprising a first number S of bits and each of said broadcast keys comprising a second number B of bits wherein B is less than S, said encrypting apparatus for use at one of said transmission sites and comprising:
-
means for convolving, in a predetermined manner, the system key and the broadcast key unique to that transmission site to generate a unique data encryption key for that site; an encryptor for encrypting a set of data with the unique data encryption key; and means for transmitting the encrypted set of data to the reception site; wherein there is stored, in a memory at the reception site, the system key and each of said broadcast keys for regenerating at the reception site, for the purpose of decrypting the encrypted set of data transmitted from any one of said transmission sites, the unique data encryption keys used to encrypt said sets of data at each respective transmission site, the memory capacity necessary to store the system key and the broadcast keys at the reception site being no greater than ((N×
B)+S) bits.
-
-
42. Decrypting apparatus for use in a data transmission system comprising a plurality N of transmission sites and at least one reception site wherein each transmission site is provided with a broadcast key unique to that transmission site and a system key that is the same for all transmission sites, said system key comprising a first number S of bits and each of said broadcast keys comprising a second number B of bits where B is less than S, and wherein at each transmission site the system key and the broadcast key unique to that site are convolved in a predetermined manner to generate a unique data encryption key, the unique data encryption key generated at each site being used at that site to encrypt a set of data for transmission to the reception site, said decrypting apparatus for use at the reception site and comprising:
-
a memory for storing the system key and each of said broadcast keys, the storage capacity of the memory necessary to store the system key and the broadcast keys being no greater than ((N×
B)+S) bits;means for receiving an encrypted set of data from a selected one of said transmission sites; means for retrieving from the memory the system key and the broadcast key of the selected transmission site from said memory; means for convolving the retrieved system key and the retrieved broadcast key in said predetermined manner to reproduce the unique data encryption key generated at the selected transmission site for encrypting the received set of data; and a decryptor for decrypting the received set of data with the reproduced encryption key.
-
-
43. Apparatus for uniquely encrypting a plurality N of data sets at a transmission site for transmission to at least one reception site wherein there is provided at the transmission site a broadcast key for each data set that is unique to that data set and a system key that is the same for each data set, said system key comprising a first number S of bits and each of said broadcast keys comprising a second number B of bits, B being less than S, said apparatus comprising:
-
means for convolving, in a predetermined manner, the system key and the broadcast key of a selected data set to generate a unique data encryption key for that data set; an encryptor for encrypting a data set with the unique data encryption key generated for that data set; and means for transmitting an encrypted data set to the reception site; wherein there is stored, in a memory at the reception site, the system key and each of said broadcast keys for regenerating at the reception site, for the purpose of decrypting the encrypted set of data transmitted from any one of said transmission sites, the unique data encryption keys used to encrypt said sets of data at each respective transmission site, the memory capacity necessary to store the system key and the broadcast keys at the reception site being no greater than ((N×
B)+S) bits. - View Dependent Claims (44)
-
-
45. Decrypting apparatus for use in a data transmission system comprising a transmission site and at least one reception site wherein each of a plurality N of data sets is uniquely encrypted at the transmission site by (a) providing a broadcast key for each data set that is unique to that data set and a system key that is the same for each data set, said system key comprising a first number S of bits and each of said broadcast keys comprising a second number B of bits where B is less than S, (b) convolving in a predetermined manner, for each data set, the system key and the broadcast key unique to that data set to generate a unique data encryption key for that data set, and (c) encrypting each data set with the unique data encryption key generated for that set, and wherein each of the uniquely encrypted data sets is transmitted to the reception site, said decrypting apparatus for use at the reception site and comprising:
-
a memory for storing the system key and each of said broadcast keys, the storage capacity of the memory necessary to store the system key and the broadcast keys being no greater than ((N×
B)+S) bits;means for receiving a selected one of the encrypted data sets transmitted from the transmission site; means for retrieving from the memory the system key and the broadcast key unique to the selected data set; means for convolving the retrieved system key and the retrieved broadcast key in said predetermined manner to reproduce the unique data encryption key generated at the transmission site for encrypting the received selected data set; and a decryptor for decrypting the received data set with the reproduced encryption key.
-
Specification