Conditional access system and method prevention of replay attacks

US 7,590,240 B2
Filed: 03/02/2001
Issued: 09/15/2009
Est. Priority Date: 03/02/2001
Status: Expired due to Term

First Claim

Patent Images

1. A cryptographic method for rendering a conditional access system resistant to replay attacks comprising the steps of:

generating a set of one or more keys usable for encryption or decryption, said generating caused by an authorization module controlling authorization of access to a plurality of transport streams, said authorization module on or in communication with a receiver among a plurality of receivers in communication with a headend;

storing an encrypted transport stream transmitted from said headend, wherein said encrypted transport stream is further encrypted at said receiver, using one or more keys from said set of one or more keys usable for encryption or decryption, so that a doubly encrypted transport stream is stored on a storage medium on or accessible to said receiver; and

decrypting said doubly encrypted transport stream by a decryption module on or in communication with said receiver using one or more keys from said set of one or more keys usable for encryption or decryption.

View all claims

12 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In a conditional access system, a headend transmits content to one or more receivers in encrypted transport streams. The system provides a multi-layer security architecture, rendering the system resistant to key replay attacks; if one layer is circumvented, subsequent layers remain intact. A first layer prevents unencrypted keys from being recorded by shielding the unencrypted keys from users and encrypting the path from the receiver'"'"'s conditional access module to the transport decryption module; a second layer prevents a key recorded on one receiver from being played back to the transport decryption module on a second receiver; a third layer prevents a user from decrypting transport streams without the encryption module by encrypting the stream a second time prior to being passed through any user-accessible memory or processor. Events tables are transmitted with the transport stream, either unencrypted for immediate use or encrypted, to prevent unauthorized use.

Citations

30 Claims

1. A cryptographic method for rendering a conditional access system resistant to replay attacks comprising the steps of:
- generating a set of one or more keys usable for encryption or decryption, said generating caused by an authorization module controlling authorization of access to a plurality of transport streams, said authorization module on or in communication with a receiver among a plurality of receivers in communication with a headend;
  
  storing an encrypted transport stream transmitted from said headend, wherein said encrypted transport stream is further encrypted at said receiver, using one or more keys from said set of one or more keys usable for encryption or decryption, so that a doubly encrypted transport stream is stored on a storage medium on or accessible to said receiver; and
  
  decrypting said doubly encrypted transport stream by a decryption module on or in communication with said receiver using one or more keys from said set of one or more keys usable for encryption or decryption.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The method of claim 1, further comprising:
    - adding multiple layers of security such that if one layer is circumvented, subsequent layers remain intact.
  - 3. The method of claim 2, wherein a first layer of said multiple layers of security comprises preventing unauthorized access to said set of one or more keys usable for encryption or decryption by avoiding exposing said set of one or more keys usable for encryption or decryption to user accessible and user programmable resources within said receiver.
  - 4. The method of claim 3, wherein said first layer of said multiple layers of security further comprises encrypting a communication path between said authorization module and said decryption module.
  - 5. The method of claim 2, wherein said receiver is a first receiver, and wherein a second layer of said multiple layers of security comprises preventing said set of one or more keys usable for encryption or decryption from being used by a second decryption module on or in communication with a second receiver by performing said generating of said set of one or more keys usable for encryption or decryption in a manner particular to said first receiver.
  - 6. The method of claim 2, wherein a third layer of said multiple layers of security comprises the step of preventing unauthorized access to an unencrypted version of said encrypted transport stream.
  - 7. The method of claim 6, wherein the step of preventing unauthorized access to an unencrypted version of said encrypted transport stream comprises further encrypting said encrypted transport stream prior to storage.
  - 8. The method of claim 1, wherein said generating step further comprises said authorization module encrypting keys that represent a subset of said set of one or more keys usable for encryption or decryption.
  - 9. The method of claim 1, wherein a corresponding event table is built for said encrypted transport stream prior to transmission of said encrypted transport stream.
  - 10. The method of claim 9, wherein said event table is transmitted along with said encrypted transport stream so that said event table is available for immediate use by said receiver.
  - 11. The method of claim 9, wherein said event table is encrypted prior to transmission of said event table to prevent unauthorized use.
  - 12. The method of claim 1, further comprising:
    - creating a random secret at said headend,wherein said random secret is usable for encryption or decryption;
      
      receiving said random secret by a reception module on or in communication with said receiver;
      
      receiving said random secret by said authorization module; and
      
      receiving said random secret by said decryption module.
  - 13. The method of claim 1, wherein said step of storing an encrypted transport stream transmitted from said headend further comprises:
    - transmitting an encrypted decryption key and said encrypted transport stream from said headend to a reception module on or in communication with said receiver;
      
      said reception module further encrypting said encrypted transport stream to create said doubly encrypted transport stream; and
      
      said reception module storing said encrypted decryption key and said doubly encrypted transport stream in said storage medium.
  - 14. The method of claim 1, wherein said step of decrypting said doublyencrypted transport stream further comprises:
    - said decryption module retrieving said doubly encrypted transport stream and an encrypted decryption key from said storage medium;
      
      said decryption module decrypting said doubly encrypted transport stream to obtain said encrypted transport stream; and
      
      said decryption module decrypting said encrypted transport stream.
  - 15. The method of claim 1, wherein said decryption module is uniquely capable of decrypting said doubly encrypted transport stream.
  - 16. The method of claim 1, wherein said doubly encrypted transport stream is encrypted at least once more before being stored on said storage medium.

17. A conditional access system resistant to replay attacks, comprising:
- a generated set of one or more keys usable for encryption or decryption,said generation caused by an authorization module controlling authorization of access to a plurality of transport streams,said authorization module on or in communication with a receiver among a plurality of receivers in communication with a headend,said receiver capable of further encrypting an encrypted transport stream transmitted from said headend using one or more keys from said generated set of one or more keys usable for encryption or decryption, so that a doubly encrypted transport stream is stored on a storage medium on or accessible to said receiver; and
  
  a decryption module on or in communication with said receiver for decrypting said doubly encrypted transport stream.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 18. The system of claim 17, the system further including:
    - a first layer among one or more layers of security, said first layer preventing unauthorized access to said generated set of one or more keys usable for encryption or decryption by avoiding exposing said set of one or more keys usable for encryption or decryption to user accessible and user programmable resources within said receiver.
  - 19. The system of claim 18, wherein said first layer further comprises a module for encrypting a communication path between said authorization module and said decryption module.
  - 20. The system of claim 17, wherein said receiver is a first receiver, the system further including:
    - a second layer among one or more layers of security, said second layer preventing said generated set of one or more keys usable for encryption or decryption from being used by a second decryption module on or in communication with a second receiver by generating said generated set of one or more keys usable for encryption or decryption in a manner particular to said first receiver.
  - 21. The system of claim 20, wherein said second layer further comprises said authorization module encrypting keys that represent a subset of said generated set of one or more keys usable for encryption or decryption.
  - 22. The system of claim 17, the system further comprising:
    - a third layer among one or more layers of security, said third layer preventing unauthorized access to an unencrypted version of said encrypted transport stream.
  - 23. The system of claim 22, wherein said third layer further comprises further encrypting said encrypted transport stream prior to storage.
  - 24. The system of claim 17, further comprising a corresponding event table for said encrypted transport stream, wherein said event table is built prior to transmission of said encrypted transport stream.
  - 25. The system of claim 24, wherein said event table is transmitted along with said encrypted transport stream.
  - 26. The system of claim 24, wherein said event table is encrypted prior to transmission of said encrypted transport stream.
  - 27. The system of claim 17, further comprising:
    - a reception module on or in communication with said receiver having access to a random secret;
      
      said authorization module having access to said random secret;
      
      said decryption module having access to said random secret;
      
      wherein said random secret is usable for encryption or decryption; and
      
      wherein said random secret is transmitted from said headend.
  - 28. The system of claim 17, further comprising:
    - said storage medium on or accessible to said receiver storing said doubly encrypted transport stream and an encrypted decryption key,wherein said doubly encrypted transport stream and said encrypted decryption key are stored by at least the following steps;
      
      transmitting said encrypted decryption key and said encrypted transport stream from said headend to a reception module on or in communication with said receiver;
      
      said reception module further encrypting said encrypted transport stream to create said doubly encrypted transport stream; and
      
      said reception module storing said encrypted decryption key and said doubly encrypted transport stream in said storage medium.
  - 29. The system of claim 17, further comprising:
    - an unencrypted version of said doubly encrypted transport stream, wherein said doubly encrypted transport stream is unencrypted using at least the following steps;
      
      said decryption module retrieving said doubly encrypted transport stream and an encrypted decryption key from said storage medium;
      
      said decryption module decrypting said doubly encrypted transport stream to obtain said encrypted transport stream; and
      
      said decryption module decrypting said encrypted transport stream.
  - 30. The system of claim 17, wherein said decryption module is uniquely capable of decrypting said doubly encrypted transport stream.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
TiVo Solutions Inc. (Adeia Inc.)
Original Assignee
TiVo Inc. (Adeia Inc.)
Inventors
Goodman, Andrew, Platt, David C., Zenchelsky, Daniel
Primary Examiner(s)
Hoffman; Brandon S

Application Number

US10/220,356
Publication Number

US 20040126093A1
Time in Patent Office

3,119 Days
Field of Search

None
US Class Current

380/210
CPC Class Codes

H04L 2463/101   applying security measures ...

H04L 63/045   wherein the sending and rec...

H04L 63/10   for controlling access to d...

H04N 2005/91364   the video signal being scra...

H04N 21/258   Client or end-user data man...

H04N 21/25891   being end-user preferences ...

H04N 21/4126   The peripheral being portab...

H04N 21/426   Internal components of the ...

H04N 21/4367   Establishing a secure commu...

H04N 21/4622   Retrieving content or addit...

H04N 21/4623   Processing of entitlement m...

H04N 21/47   End-user applications

H04N 21/4782   Web browsing , e.g. WebTV

H04N 21/63345   by transmitting keys key di...

H04N 21/816   involving special video dat...

H04N 21/84   Generation or processing of...

H04N 5/782   on tape

H04N 5/913   for scrambling ; for copy p...

H04N 7/163   by receiver means only

H04N 7/1675   Providing digital key or au...

H04N 7/17309 : Transmission or handling of...

View All

Conditional access system and method prevention of replay attacks

First Claim

12 Assignments

0 Petitions

Accused Products

Abstract

Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

Conditional access system and method prevention of replay attacks

First Claim

12 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links