Process for data certification by scrambling and certification system using such a process

US 6,035,397 A
Filed: 11/14/1997
Issued: 03/07/2000
Est. Priority Date: 11/14/1996
Status: Expired due to Term

First Claim

Patent Images

1. A method for certifying data (ECG1) which arise from a source forming part of a first entity and are intended for at least one user, said method comprising the steps of:

scrambling said data arising from said source using a first string of control words CW1, so as to construct a first scrambled item IE(ECG1),encrypting said first string of control words CW1 using a first key KA, so as to construct a first string of encrypted control words E(CW1)_KA,wherein said scrambling and encryption steps are performed by an authority independent of the first entity and also of the user, said method further comprising the steps of;

transferring, to the user, said first scrambled item IE(ECG1) and said first string of encrypted control words E(CW1)_KA, anddecrypting said first string of encrypted control words E(CW1)_KA and descrambling said first scrambled item IE(ECG1) using means supplied to the user under the control of said independent authority.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention relates to a process for data certification as well as to the system implementing the certification process.

The certification of the data is performed by scrambling.

An authority independent of the entity which controls the data source and of the user(s) for which these data are intended, scrambles the data with the aid of control words and encrypts the control words with the aid of an encryption algorithm with key K.

So that a user or the users can descramble the data scrambled by the independent authority, a certification verification device containing the encryption key K is supplied to the user or users under the control of the independent authority.

The certification process and the system associated therewith apply more particularly to conditional-access systems.

43 Citations

View as Search Results

27 Claims

1. A method for certifying data (ECG1) which arise from a source forming part of a first entity and are intended for at least one user, said method comprising the steps of:
- scrambling said data arising from said source using a first string of control words CW1, so as to construct a first scrambled item IE(ECG1),encrypting said first string of control words CW1 using a first key KA, so as to construct a first string of encrypted control words E(CW1)_KA,wherein said scrambling and encryption steps are performed by an authority independent of the first entity and also of the user, said method further comprising the steps of;
  
  transferring, to the user, said first scrambled item IE(ECG1) and said first string of encrypted control words E(CW1)_KA, anddecrypting said first string of encrypted control words E(CW1)_KA and descrambling said first scrambled item IE(ECG1) using means supplied to the user under the control of said independent authority.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method according to claim 1, further comprising the step of storing said first scrambled item IE(ECG1) and said first string of encrypted control words E(CW1)_KA in a data base forming part of the first entity, before said first scrambled item IE(ECG1) and said first string of encrypted control words E(CW1)_KA are transferred to the user.
  - 3. The method according to claim 1, further comprising the steps of:
    - encrypting said first string of encrypted control words E(CW1)_KA using a third key KSP which is different from said first key KA so as to construct a third string of encrypted control words E(E(CW1)_KA)_KSP, wherein said encryption step is performed by a second entity independent of said first entity and of said independent authority,transferring, to the user, said third string of encrypted control words E(E(CW1)_KA)_KSP, anddecrypting said third string of encrypted control words so as to generate said first string of encrypted control words E(CW1)_KA using said means supplied to the user under the control of said independent authority.
  - 4. The method according to claim 1, wherein the step of decrypting said first string of encrypted control words E(CW1)_KA and of descrambling said first scrambled item IE(ECG1) prohibits access to the unenciphered control words CW1.
  - 5. The method according to claim 1, further comprising the steps of:
    - scrambling data (ECG2) arising from at least one further source using a second string of control words CW2, so as to construct a second scrambled item IE(ECG2),encrypting said second string of control words using a second key KB which is different from said first key KA, so as to construct a second string of encrypted control words E(CW2)_KB,transferring, to the user, said second scrambled item IE(ECG2) and said second string of control words E(CW2)_KB, anddecrypting said second string of encrypted control words E(CW2)_KB and descrambling said second scrambled item IE(ECG2) using said means supplied to the user under the control of said independent authority,wherein said steps of scrambling data arising from at least one further source and of encrypting said second string of control words are performed under the control said independent authority.
  - 6. The method according to claim 5, further comprising the steps of:
    - encrypting said second string of encrypted control words E(CW2)_KB using a third key KSP which is different from said first and second keys, so as to construct a fourth string of encrypted control words E(E(CW2)_KB)_KSP, wherein said encryption step is performed by a second entity independent of said first entity and of said independent authority,transferring, to the user, said fourth string of encrypted control words,decrypting said fourth string of encrypted control words so as to generate said second string of encrypted control words E(CW2)_KB using said means supplied to the user under the control of said independent authority.
  - 7. The method according to claim 5, wherein the step of decrypting said second string of encrypted control words E(CW2)_KB and of descrambling said second scrambled item IE(ECG2) prohibits access to the unenciphered control words CW2.

8. A system for certifying data which arise from a source and are intended for at least one user, said source forming part of a first entity, comprising:
- a first scrambling and encryption device, forming part of an authority independent of the first entity and also of the user, for scrambling said data arising from said source using a first string of control words CW1 so as to construct a first scrambled item IE(ECG1) and for encrypting said first string of control words using a first key KA so as to construct a first string of encrypted control words E(CW1)_KA ; and
  
  a certification verification device supplied to the user under the control of the independent authority and comprising circuits for decrypting said first string of encrypted control words E(CW1)_KA and for descrambling said first scrambled item IE(ECG1) using said first string of decrypted control words CW1.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
- - 9. The certification system according to claim 8, wherein said first entity comprises a data base for storing said first scrambled item IE(ECG1) and said first string of encrypted control words E(CW1)_KA, said data base being linked to the certification verification device so as to supply said certification verification device with said first scrambled item IE(ECG1) as well as with said first string of encrypted control words E(CW1)_KA.
  - 10. The certification system according to claim 8, wherein said circuits for decrypting said first string of encrypted control words and for descrambling said first scrambled item comprise:
    - a smart card containing said first encryption key KA for decrypting said first string of encrypted control words E(CW1)_KA which it receives; and
      
      a decoder for descrambling said first scrambled item using said first string of decrypted control words CW1.
  - 11. The certification system according to claim 8, wherein said circuits for decrypting said first string of encrypted control words and for descrambling said first scrambled item comprise a smart card.
  - 12. The certification system according to claim 8, wherein said first entity comprises at least one source of further data (ECG2) and a second scrambling and encryption device delegated to said first entity under the control of said independent authority for scrambling said further data with a second string of control words CW2 so as to construct a second scrambled item IE(ECG2) and for encrypting said second string of control words CW2 using a second key KB which is different from said first key KA so as to construct a second string of encrypted control words E(CW2)_KB, said second scrambled item IE(ECG2) and said second string of encrypted control words E(CW2)_KB being conveyed to the certification verification device.
  - 13. The certification system according to claim 12, wherein said certification verification device comprises:
    - a smart card containing said first and second encryption keys KA and KB so as to decrypt said first string (E(CW1)_KA) or said second string (E(CW2)_KB) of encrypted control words; and
      
      a decoder for descrambling said first scrambled item IE(ECG1) or said second scrambled item IE(ECG2) using said first string of control words (CW1) or said second string of control words (CW2).
  - 14. The certification system according to claim 12, wherein said certification verification device comprises a smart card containing said first and second encryption keys KA and KB so as to decrypt said first string (E(CW1)_KA) or said second string (E(CW2)_KB) of encrypted control words and for descrambling said first scrambled item IE(ECG1) or said second scrambled item IE(ECG2).
  - 15. The certification system according to claim 8, further comprising a distribution circuit forming part of a second entity independent of the first entity and of the independent authority, wherein said distribution circuit receives said first scrambled item IE(ECG1) and said first string of encrypted control words E(CW1)_KA and contains:
    - a circuit for encrypting said first string of encrypted control words E(CW1)_KA using a third key KSP which is different from said first key KA so as to generate a third string of encrypted control words E(E(CW1)_KA)_KSP ; and
      
      a data base for storing said first scrambled item IE(ECG1) as well as said third string of encrypted control words E(E(CW1)_KA)_KSP, said data base being linked to the certification verification device so as to supply said certification verification device with said first scrambled item IE(ECG1) as well as with said third string of encrypted control words E(E(CW1)_KA)_KSP,said certification verification device comprising means for decrypting said third string of encrypted control words E(E(CW1)_KA)_KSP so as to generate said first string of encrypted control words E(CW1)_KA.
  - 16. The certification system according to claim 15, wherein said certification verification device comprises:
    - a smart card containing said first and third encryption keys KA and KSP so as to decrypt said third string E(E(CW1)_KA)_KSP and said first string E(CW1)_KA of control words; and
      
      a decoder for descrambling said first scrambled item using said first string of decrypted control words CW1.
  - 17. The certification system according to claim 15, wherein said certification verification device comprises a smart card containing said first and third encryption keys KA and KSP so as to decrypt said third string E(E(CW1)_KA)_KSP and said first string E(CW1)_KA of control words and for descrambling said first scrambled item using said first string of decrypted control words CW1.
  - 18. The certification system according to claim 15, wherein said first entity comprises at least one source of further data (ECG2), and wherein said second entity comprises a delegated scrambling and encryption device, supplied under control of said independent authority, for scrambling said further data with a second string of control words (CW2) so as to construct a second scrambled item IE(ECG2) and for encrypting said second string of control words (CW2) using a second key KB which is different from said first key KA so as to construct a second string of encrypted control words E(CW2)_KB, said second string of encrypted control words and said second scrambled item IE(ECG2) being sent to said distribution circuit which further contains:
    - a circuit for encrypting said second string of encrypted control words E(CW2)_KB using said third key KSP so as to construct a fourth string of encrypted control words E(E(CW2)_KB)_KSP, anda data base for storing said fourth string of encrypted control words E(E(CW2)_KB)_KSP and said second scrambled item IE(ECG2), said data base being linked to the certification verification device so as to supply said certification verification device with said fourth string of encrypted control words E(E(CW2)_KB)_KSP as well as with said second scrambled item IE(ECG2).
  - 19. The certification system according to claim 18, wherein said certification verification device comprises:
    - a smart card containing said first, second and third encryption keys KA, KB and KSP so as to decrypt said third string of encrypted control words E(E(CW1)_KA)_KSP or said fourth string of encrypted control words E(E(CW2)_KB)_KSP and said first string of encrypted control words E(CW1)_KA or said second string of encrypted control words E(CW2)_KB ; and
      
      a decoder for descrambling said first scrambled item IE(ECG1) using said first string of decrypted control words CW1 or said second scrambled item IE(ECG2) using said second string of encrypted control words CW2.
  - 20. The certification system according to claim 18, wherein said certification verification device comprises a smart card containing said first, second and third encryption keys KA, KB and KSP so as to decrypt said third string of encrypted control words E(E(CW1)_KA)_KSP or said fourth string of encrypted control words E(E(CW2)_KB)_KSP and said first string of encrypted control words E(CW1)_KA or said second string of encrypted control words E(CW2)_KB ;
    - and for descrambling said first scrambled item IE(ECG1) using said first string of decrypted control words CW1 or said second scrambled item IE(ECG2) using said second string of encrypted control words CW2.
  - 21. The certification system according to claim 15, wherein said first entity is a data supplier, said second entity is a service provider and said user is a customer of the service provider.
  - 22. The certification system according to claim 12, wherein said first string of control words (CW1) arises from a first generator of control words forming part of the first scrambling and encryption device and said second string of control words (CW2) arises from a second generator of control words forming part of the second delegated scrambling and encryption device.
  - 23. The certification system according to claim 12, wherein the control words (CW1) of said first string are identical to the control words (CW2) of said second string.
  - 24. The certification system according to claim 12, wherein the control words (CW1) of said first string are different from the control words (CW2) of said second string.
  - 25. The certification system according to claim 18, wherein said first string of control words (CW1) arises from a first generator of control words forming part of the first scrambling and encryption device and said second string of control words (CW2) arises from a second generator of control words forming part of the second delegated scrambling and encryption device.
  - 26. The certification system according to claim 18, wherein the control words (CW1) of said first string are identical to the control words (CW2) of said second string.
  - 27. The certification system according to claim 18, wherein the control words (CW1) of said first string are different from the control words (CW2) of said second string.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Thomson Licensing Dtv
Original Assignee
Thomson Multimedia Incorporated (Vantiva SA)
Inventors
Campinos, Arnaldo, Vigneron, Jean-Marie, Gregoire, Louis
Primary Examiner(s)
Swann, Todd R.
Assistant Examiner(s)
JACK, TODD M

Application Number

US08/971,016
Time in Patent Office

844 Days
Field of Search

380/25, 235/380
US Class Current

380/28
CPC Class Codes

H04L 9/321   involving a third party or ...

H04N 21/2347   involving video stream encr...

H04N 21/26606   for generating or managing ...

H04N 21/4405   involving video stream decr...

H04N 7/1675   Providing digital key or au...

Process for data certification by scrambling and certification system using such a process

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

43 Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

Process for data certification by scrambling and certification system using such a process

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

43 Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links