Method for providing a secure communication between two devices and application of this method

US 7,171,553 B2
Filed: 03/18/2002
Issued: 01/30/2007
Est. Priority Date: 04/03/1996
Status: Expired due to Fees

First Claim

Patent Images

1. A method for providing a secure communication between a first device and a second device in a pay TV system, comprising:

generating a first key associated with the first device;

encrypting a first message, including the first key, with a public key associated with the first device;

transferring the first encrypted message to the second device;

decrypting the first encrypted message, at the second device, using a secret key corresponding to the public key, to obtain the first key;

encrypting a second message including an authentication using the first key as a key;

returning the second encrypted message to the first device;

decrypting the second encrypted message;

verifying that the authentication in the decrypted second message is correct; and

if verified, using the first key to encrypt at least one subsequent transmission between the first and second devices.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of providing a secure communication between first and second devices is described. The method includes encrypting a random key using an encryption key at a first device and transferring the encrypted random key to the second device for encryption of data communicated from the second device to the first device. The encrypted data received from the second device is decrypted using the random key. The method typically includes transferring a control word encrypted with an encryption key to the second device for decryption, and encryption using the random key. The encrypted control word received from the second device is then decrypted using the random key. The invention extends to a method of enabling a decoder, and to a decoder, to decode a data stream. It also extends, inter alia, to a method of authenticating an enabling device and to an enabling device.

Citations

55 Claims

1. A method for providing a secure communication between a first device and a second device in a pay TV system, comprising:
- generating a first key associated with the first device;
  
  encrypting a first message, including the first key, with a public key associated with the first device;
  
  transferring the first encrypted message to the second device;
  
  decrypting the first encrypted message, at the second device, using a secret key corresponding to the public key, to obtain the first key;
  
  encrypting a second message including an authentication using the first key as a key;
  
  returning the second encrypted message to the first device;
  
  decrypting the second encrypted message;
  
  verifying that the authentication in the decrypted second message is correct; and
  
  if verified, using the first key to encrypt at least one subsequent transmission between the first and second devices.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the first key is a random number.
  - 3. The method of claim 2, wherein the authentication includes a random number.
  - 4. The method of claim 3, wherein the authentication random number is transferred to the second device in the same message as the first key.
  - 5. The method of claim 3, wherein,after verification,the first device forwards at least one message including an encrypted control word to the second device,upon receipt of which, the second deviceextracts the control word;
    - andreturns the control word to the first device in a message encrypted using the first key.
  - 6. The method of claim 3, whereinthe first device is a conditional access module;
    - andthe second device is a smart card.
  - 7. The method of claim 3, wherein the first device is a decoder in the pay TV system.

8. Apparatus for providing a secure communication in a pay TV system, the apparatus comprising:
- a first device including at least one microprocessor and being configured to;
  
  generate a first key associated with the first device;
  
  encrypt a first message, including the first key, with a public key associated with the first device; and
  
  transfer the first encrypted message; and
  
  a second device including at least one microprocessor and being configured to;
  
  receive the first encrypted message,decrypt the first encrypted message, by using a secret key corresponding to the public key, to obtain the first key,encrypt a second message containing an authentication using the first key as a key, andreturn the second encrypted message to the first device;
  
  the first device being further configured to;
  
  decrypt the second encrypted message for verification upon which, the apparatus uses the first key to encrypt at least one subsequent transmission between the first and second devices.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The apparatus of claim 8, wherein the first key is a random number.
  - 10. The apparatus of claim 9, wherein the authentication includes a random number.
  - 11. The apparatus of claim 10, wherein the authentication random number is transferred to the second device in the same message as the first key.
  - 12. The apparatus of claim 8, wherein, after verification,the first device is further configured to forward at least one message including an encrypted control word to the second device,upon receipt of which, the second device is further configured to:
    - extract the control word; and
      
      return the control word to the first device in a message encrypted using the first key.
  - 13. The apparatus of claim 8, whereinthe first device is a conditional access module;
    - andthe second device is a smart card.
  - 14. The apparatus of claim 8, wherein the first device is a decoder in the pay TV system.

15. A method of providing secure communications with a device for use in a pay TV system, comprising:
- generating a first key associated with the device;
  
  encrypting a first message, including the first key, with a public key associated with the device;
  
  transferring the first encrypted message from the device;
  
  receiving a second encrypted message at the device;
  
  the second message including an authentication and being encrypted using the first key;
  
  decrypting the second encrypted message;
  
  verifying that the authentication in the decrypted second message is correct; and
  
  if verified,using the first key to encrypt at least one subsequent transmission from the first device.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22)
- - 16. The method of claim 15, wherein the first key is a random number.
  - 17. The method of claim 16, wherein the authentication includes a random number.
  - 18. The method of claim 17, wherein the authentication random number is transferred in the same message as the first key.
  - 19. The method of claim 17, wherein the device generates the first key and the authentication random number.
  - 20. The method of claim 15, wherein,after verification,the first device transmits at least one message including an encrypted control word, andin responsereceives the control word in a message encrypted using the first key.
  - 21. The method of claim 15, wherein the device is a conditional access module.
  - 22. The method of claim 15, wherein the device is a decoder in the pay TV system.

23. An apparatus to provide secure communications in a pay TV system, the apparatus comprising a device, including at least one microprocessor and being configured to:
- generate a first key associated with the device;
  
  encrypt a first message, including the first key, with a public key associated with the device;
  
  transfer the first encrypted message from the device;
  
  receive a second encrypted message at the device, the second message including an authentication and being encrypted using the first key;
  
  decrypt the second encrypted message;
  
  verify that the authentication in the decrypted second message is correct; and
  
  if verified, use the first key to encrypt at least one subsequent transmission from the first device.
- View Dependent Claims (24, 25, 26, 27, 28, 29)
- - 24. The apparatus of claim 23, wherein the first key is a random number.
  - 25. The apparatus of claim 24, wherein the authentication includes a random number.
  - 26. The apparatus of claim 25, wherein the device is further configured to transfer the authentication random number in the same message as the first key.
  - 27. The apparatus of claim 23, wherein, the device is further configured toafter verification, transmit at least one message including an encrypted control word, andin response, receive the control word in a message encrypted using the first key.
  - 28. The apparatus of claim 23, wherein the device is a conditional access module in the pay TV system.
  - 29. The apparatus of claim 23, wherein the device is a decoder in the pay TV system.

30. A method of providing secure communications with a device in a pay TV system, comprising:
- receiving a first encrypted message, including a first key, and encrypted with a public key;
  
  decrypting the first encrypted message using a secret key corresponding to the public key;
  
  transmitting a second message to a remote device for verification;
  
  the second message including an authentication and being encrypted using the first key; and
  
  if verification occurs, receiving or transmitting at least one subsequent transmission encrypted using the first key.
- View Dependent Claims (31, 32, 33, 34, 35, 36)
- - 31. The method of claim 30, wherein the first key is a random number.
  - 32. The method of claim 31, wherein the authentication includes a random number.
  - 33. The method of claim 32, wherein the authentication random number is received in the same message as the first key.
  - 34. The method of claim 30, wherein,after verification,the device receives at least one message including an encrypted control word, andin response,decrypts and then transmits the control word in a message encrypted using the first key.
  - 35. The method of claim 30, wherein the device is a smart card for use in a pay TV system.
  - 36. The method of claim 30, wherein the device is configured to cooperate with a decoder in a pay TV system.

37. An apparatus to provide secure communications in a pay TV system, the apparatus comprising a device, including at least one microprocessor and being configured to:
- receive a first encrypted message, including a first key, and encrypted with a public key;
  
  decrypt the first encrypted message using a secret key corresponding to the public key;
  
  transmit a second message to a remote device for verification;
  
  the second message including an authentication and being encrypted using the first key; and
  
  if verification occurs, receive or transmit at least one subsequent transmission encrypted using the first key.
- View Dependent Claims (38, 39, 40, 41, 42, 43)
- - 38. The apparatus of claim 37, wherein the first key is a random number.
  - 39. The apparatus of claim 38, wherein the authentication includes a random number.
  - 40. The apparatus of claim 39, wherein the random number is transferred in the same message as the first key.
  - 41. The apparatus of claim 37, wherein, the device is configured to:
    - after verification, receive at least one message including an encrypted control word, andin response, decrypt and then transmit the control word in a message encrypted using the first key.
  - 42. The apparatus of claim 37, wherein the device is a smart card for use in the pay TV system.
  - 43. The apparatus of claim 37, wherein the device is configured to cooperate with a decoder in the pay TV system.

44. A method for providing a secure communication between a first device and a second device, the method including:
- generating a first key and an authentication number, both associated with the first device;
  
  encrypting a first message, including the first key and the authentication number;
  
  transferring the first encrypted message to the second device;
  
  decrypting the first encrypted message at the second device, to obtain the first key and the authentication number;
  
  encrypting a second message, including the first key and the authentication number;
  
  returning the second encrypted message to the first device;
  
  decrypting the second encrypted message;
  
  verifying that the authentication number in the decrypted second message is correct; and
  
  if verified, using the first key to encrypt at least one subsequent transmission between the first and second devices.
- View Dependent Claims (45, 46, 47, 48, 49)
- - 45. The method of claim 44, wherein the first key is a random number.
  - 46. The method of claim 44, wherein the authentication number is a random number.
  - 47. The method of claim 44, wherein,after verification,the first device forwards at least one message including an encrypted control word to the second device,upon receipt of which, the second deviceextracts the control word;
    - andreturns the control word to the first device in a message encrypted using the first key.
  - 48. The method of claim 44, whereinthe first device is a conditional access module;
    - andthe second device is a smart card.
  - 49. The method of claim 44, wherein the first device is a television decoder.

50. Apparatus to provide a secure communication, the apparatus comprising:
- a first device including at least one microprocessor and being configured to;
  
  generate a first key and an authentication number, both associated with the first device;
  
  encrypt a first message, including the first key and the authentication number; and
  
  transfer the first encrypted message; and
  
  a second device including at least one microprocessor and being configured to;
  
  receive the first encrypted message,decrypt the first encrypted message to obtain the first key and the authentication number,encrypt a second message containing the authentication number, using the first key, andreturn the second encrypted message to the first device;
  
  the first device being further configured to;
  
  decrypt the second encrypted message for verification of the authentication number, upon which, the apparatus uses the first key to encrypt at least one subsequent transmission between the first and second devices.
- View Dependent Claims (51, 52, 53, 54, 55)
- - 51. The apparatus of claim 50, wherein the first key is a random number.
  - 52. The apparatus of claim 51, wherein the authentication number includes a random number.
  - 53. The apparatus of claim 50, wherein,after verification,the first device forwards at least one message including an encrypted control word to the second device,upon receipt of which, the second deviceextracts the control word;
    - andreturns the control word to the first device in a message encrypted using the first key.
  - 54. The apparatus of claim 52, whereinthe first device is a conditional access module;
    - andthe second device is a smart card.
  - 55. The apparatus of claim 52, wherein the first device is a television decoder.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Irdeto B.V. (MultiChoice Group Ltd.)
Original Assignee
Irdeto Access B.V. (MultiChoice Group Ltd.)
Inventors
Glasspool, Andrew, Rix, Simon Paul Ashley, Davies, Donald Watts
Primary Examiner(s)
Torres; Joseph D.

Application Number

US10/101,122
Publication Number

US 20020126844A1
Time in Patent Office

1,779 Days
Field of Search

713/155, 713/168, 713/170, 380/239, 380/255, 380/282, 380/30, 380/229, 380/232, 380/241, 380/285
US Class Current

713/155
CPC Class Codes

H04L 2209/60   Digital content management,...

H04L 9/0825   using asymmetric-key encryp...

H04L 9/30   Public key, i.e. encryption...

H04N 21/4181   for conditional access

H04N 21/4367   Establishing a secure commu...

H04N 7/163   by receiver means only

H04N 7/1675   Providing digital key or au...

Method for providing a secure communication between two devices and application of this method

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

55 Claims

Specification

Solutions

Use Cases

Quick Links

Method for providing a secure communication between two devices and application of this method

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

55 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links