Method and apparatus for protecting the transfer of data
First Claim
Patent Images
1. A secure content delivery system, comprising:
- a set-top box to initiate a request for program data, the request including a unique identifier of the set-top box; and
a conditional access (CA) control system in communication with the set-top box and a remote source, the CA control system adapted to do the following;
to transmit information including the unique identifier and a mating key generator to the remote source,to receive a mating key from the remote source, the mating key being based on the transmitted unique identifier and mating key generator, the mating key being used to encrypt a control word used for scrambling the program data prior to transmission to the set-top box, andto transmit the mating key generator and the encrypted control word to the set-top box.
1 Assignment
0 Petitions
Accused Products
Abstract
According to one embodiment, a method for scrambling and descrambling program data comprises the receipt of a mating key generator message including a manufacturer identifier. The mating key generator message is transmitted to a first remote source identified by the manufacturer identifier. In response, a mating key is received from the first remote source. Then, the mating key is supplied to a second remote source, the mating key being subsequently used to encrypt a service key used for scrambling program data.
-
Citations
36 Claims
-
1. A secure content delivery system, comprising:
-
a set-top box to initiate a request for program data, the request including a unique identifier of the set-top box; and a conditional access (CA) control system in communication with the set-top box and a remote source, the CA control system adapted to do the following; to transmit information including the unique identifier and a mating key generator to the remote source, to receive a mating key from the remote source, the mating key being based on the transmitted unique identifier and mating key generator, the mating key being used to encrypt a control word used for scrambling the program data prior to transmission to the set-top box, and to transmit the mating key generator and the encrypted control word to the set-top box. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A method performed by a device with circuitry for processing information, comprising:
-
receiving a mating key generator message including a manufacturer identifier of a set-top box; transmitting the mating key generator message and a unique identifier of the set-top box to a first remote source associated with the manufacturer identifier; receiving a mating key from the first remote source, the mating key being based on the transmitted unique identifier and mating key generator message; supplying the mating key to a second remote source, the mating key being subsequently used to encrypt a service key used for scrambling program data; and supplying the encrypted service key and the mating key generator message to a descrambler component of the set-top box. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
-
-
21. A mating key gateway adapted for communication with a plurality of subscriber management systems each associated with a different content provider, comprising:
-
hardware means for routing a mating key generator to a selected mating key server; hardware means for retrieving a mating key based on a unique identifier associated with a set-top box targeted to receive program data and the mating key generator; and hardware means for transmitting the mating key to one of the plurality of subscriber management systems, the mating key being used to encrypt at least one service key provided to the set-top box. - View Dependent Claims (22, 23)
-
-
24. An apparatus adapted to receive scrambled content, comprising:
-
a network interface; and a descrambler component to receive (i) a mating key generator message including a unique identifier, (ii) at least one encrypted service key and (iii) a corresponding key identifier to indicates a tier of service associated with the encrypted service key over the network interface, the descrambler component performing a cryptographic operation on the mating key generator message to produce a key for decrypting the encrypted service key to recover a service key used to descramble the scrambled content, the mating key generator message being received from a conditional access (CA) control system. - View Dependent Claims (25, 26, 27)
-
-
28. A method adapted for protecting the transfer of program data to a digital device, comprising:
-
producing a mating key generator being a message that comprises (i) a first value to identify a provider of a conditional access (CA) system that is producing the mating key generator, and (ii) a second value to identify a service provider that is supplying the program data; transmitting the mating key generator to a first remote source; transmitting a unique identifier of the digital device targeted to receive the program data to the first remote source; receiving a mating key from the first remote source being a trusted third party, the mating key being generated based on the mating key generator and the unique identifier; and supplying the mating key to the digital device, the mating key being subsequently used to encrypt either a control word or a service key, each being used for scrambling the program data. - View Dependent Claims (29, 30)
-
-
31. A secure content delivery system, comprising:
-
a digital device including a unique identifier; and a conditional access (CA) control system in communication with the digital device, the CA control system to transmit (1) digital content scrambled with a key encrypted using a mating key, the mating key is a permutation of the unique identifier and a mating key generator including at least two of a manufacturer identifier, a service provider identifier, a CA provider identifier, and a mating key sequence number, (2) the mating key generator, and (3) at least one entitlement management message (EMM), the EMM comprises a plurality of service keys and a plurality of key identifiers each indicating a tier of service associated with a service key of the plurality of service keys. - View Dependent Claims (32, 33, 34, 35, 36)
-
Specification