Method and apparatus for providing television services using an authenticating television receiver device
First Claim
1. A method for providing television service to a subscriber, comprising the steps of:
- receiving descriptor data transmitted over an unsecure medium in a television receiving apparatus of said subscriber, said descriptor data including an identity public key associated with a digital protection system of said television receiving apparatus for transforming data according to a first public/private key encryption algorithm, attribute data identifying television broadcasts which the subscriber is entitled to receive, and a digital signature of said descriptor data by an entity authorizing the subscriber to receive the television broadcasts identified by said attribute data;
verifying that said identity public key and said attribute data in said descriptor data have not been altered using said digital signature;
providing source test data;
performing a first data transformation of a pair of data transformations of said source test data, said pair of data transformations producing resultant test data, said first data transformation being according to said first public/private key encryption algorithm using said identity public key;
requesting said digital protection system of said television receiving apparatus to perform a second data transformation of said pair of data transformations of said source test data, said digital protection system including(a) a processor capable of performing said second data transformation according to said first public/private key encryption algorithm; and
(b) a permanent data storage accessible only through said processor, said permanent data storage storing an identity private key for performing said second data transformation according to said first public/private key encryption algorithm;
comparing said source test data with the resultant test data to verify the identity of said digital protection system; and
using said attribute data to access one or more television channels on behalf of said subscriber depending on the results of said verifying step and said comparing step.
0 Assignments
0 Petitions
Accused Products
Abstract
A smart chip protection system contains a unique public/private identity key pair and uses a separate public/private signature key pair. The internally stored identity private key can not be read outside the chip. An issuing entity generates a descriptor containing the identity public key, attribute data, and a digital signature of the two, using a signature private key known only to the issuer. The authenticity of the descriptor is verified by decrypting the signature using the signature public key, and comparing the result to source data. An object'"'"'s identity can be verified by requesting the smart chip to perform a data transformation using its identity private key, and performing the complement using the public key. An exemplary embodiment is a television receiver system which verifies identity of an embedded smart chip and entitlement to receive television service.
-
Citations
18 Claims
-
1. A method for providing television service to a subscriber, comprising the steps of:
-
receiving descriptor data transmitted over an unsecure medium in a television receiving apparatus of said subscriber, said descriptor data including an identity public key associated with a digital protection system of said television receiving apparatus for transforming data according to a first public/private key encryption algorithm, attribute data identifying television broadcasts which the subscriber is entitled to receive, and a digital signature of said descriptor data by an entity authorizing the subscriber to receive the television broadcasts identified by said attribute data; verifying that said identity public key and said attribute data in said descriptor data have not been altered using said digital signature; providing source test data; performing a first data transformation of a pair of data transformations of said source test data, said pair of data transformations producing resultant test data, said first data transformation being according to said first public/private key encryption algorithm using said identity public key; requesting said digital protection system of said television receiving apparatus to perform a second data transformation of said pair of data transformations of said source test data, said digital protection system including (a) a processor capable of performing said second data transformation according to said first public/private key encryption algorithm; and (b) a permanent data storage accessible only through said processor, said permanent data storage storing an identity private key for performing said second data transformation according to said first public/private key encryption algorithm; comparing said source test data with the resultant test data to verify the identity of said digital protection system; and using said attribute data to access one or more television channels on behalf of said subscriber depending on the results of said verifying step and said comparing step. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A television receiving system, comprising:
-
a digital controller controlling the operation of said television system; a television signal transmission interface coupled to said digital controller, said interface receiving televisions signals from an external source and transmitting television signals to a display apparatus; a digital protection system coupled to said digital controller, said digital protection system securely storing an identity private key, and said digital protection system performing a first data transformation according to a first public/private key encryption algorithm in response to a command from said digital controller; a data descriptor receivable via said television signal transmission interface and associated with said digital protection system, said descriptor data including an identity public key associated with said digital protection system for transforming data according to said first public/private key encryption algorithm, attribute data identifying television broadcasts which a user of said television receiving system is entitled to receive, and a digital signature of said descriptor data by an entity authorizing the user to receive the television broadcasts identified by said attribute data; wherein said digital controller; (a) directs said digital protection system to perform said first data transformation of test data; (b) performs a second data transformation of test data according to said first public/private key encryption algorithm using said identity public key; (c) compares test data before transformation with test data after said first and said second transformation, (d) verifies, using said digital signature, said identity public key and said attribute data in said data descriptor; and (e) uses said attribute data to access television channels on behalf of said user responsive to the results of steps (c) and (d). - View Dependent Claims (8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A program product for controlling the operation of a television receiving apparatus, said program product comprising a plurality of executable instructions tangibly recorded on a non-transitory computer-readable medium, wherein said instructions cause the television receiving apparatus to perform the steps of:
-
receiving descriptor data transmitted over an unsecure medium in said television receiving apparatus, said descriptor data including an identity public key associated with a digital protection system of said television receiving apparatus for transforming data according to a first public/private key encryption algorithm, attribute data identifying television broadcasts which a subscriber is entitled to receive, and a digital signature of said descriptor data by an entity authorizing the subscriber to receive the television broadcasts identified by said attribute data; verifying that said identity public key and said attribute data in said descriptor data has have not been altered using said digital signature; performing a first data transformation of a pair of data transformations of source test data, said pair of data transformations producing resultant test data, said first data transformation being according to said first public/private key encryption algorithm using said identity public key; requesting said digital protection system of said television receiving apparatus to perform a second data transformation of said pair of data transformations of said source test data, said digital protection system including (a) a processor capable of performing said second data transformation according to a said first public/private key encryption algorithm; and (b) a permanent data storage accessible only through said processor, said permanent data storage storing an identity private key for performing said second data transformation according to said first public/private key encryption algorithm; comparing said source test data with the resultant test data to verify the identity of said digital protection system; and using said attribute data to access one or more television channels on behalf of said subscriber depending on the results of said verifying step and said comparing step. - View Dependent Claims (17, 18)
-
Specification