Circuit personalization

US 8,384,412 B2
Filed: 07/31/2006
Issued: 02/26/2013
Est. Priority Date: 07/29/2005
Status: Active Grant

First Claim

Patent Images

1. A method, performed by an authority, comprising:

distributing a first generic circuit of a plurality of generic circuits for electronic devices to a first party, the plurality of generic circuits being substantially identical to each other;

receiving a unique first personalization value from the first party;

encrypting the first personalization value, received from the first party, using a first secret encryption key, thereby generating an encrypted first personalization value;

transmitting the encrypted first personalization value to the first party, wherein the first generic circuit is configured to store the transmitted encrypted first personalization value, and to respond to execution of a first piece of software by;

retrieving the stored encrypted first personalization value;

decrypting the retrieved encrypted first personalization value; and

using the decrypted first personalization value to control execution of the first piece of software by the first generic circuit; and

distributing additional generic circuits in which a second secret encryption key is used to encrypt additional personalization values for the additional generic set-top-box circuits.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method distributes personalized circuits to one or more parties. The method distributes a generic circuit to each party, encrypts a unique personalization value using a secret encryption key, and transmits each encrypted personalization value to the corresponding party. Each party then stores the encrypted personalization value in their circuit. The stored encrypted personalization value allows a piece of software to be properly executed by the circuit. A semiconductor integrated circuit is arranged to execute a piece of software that inputs a personalization value as an input parameter. The circuit comprises a personalization memory arranged to store an encrypted personalization value; a key memory for storing a decryption key; a control unit comprising a cryptographic circuit arranged to decrypt the encrypted personalization value using the decryption key; and a processor arranged to receive the decrypted personalization value and execute the software using the decrypted personalization value.

35 Citations

View as Search Results

44 Claims

1. A method, performed by an authority, comprising:
- distributing a first generic circuit of a plurality of generic circuits for electronic devices to a first party, the plurality of generic circuits being substantially identical to each other;
  
  receiving a unique first personalization value from the first party;
  
  encrypting the first personalization value, received from the first party, using a first secret encryption key, thereby generating an encrypted first personalization value;
  
  transmitting the encrypted first personalization value to the first party, wherein the first generic circuit is configured to store the transmitted encrypted first personalization value, and to respond to execution of a first piece of software by;
  
  retrieving the stored encrypted first personalization value;
  
  decrypting the retrieved encrypted first personalization value; and
  
  using the decrypted first personalization value to control execution of the first piece of software by the first generic circuit; and
  
  distributing additional generic circuits in which a second secret encryption key is used to encrypt additional personalization values for the additional generic set-top-box circuits.
- View Dependent Claims (2, 4, 6, 44)
- - 2. The method of claim 1, further comprising:
    - distributing a second generic circuit of the plurality of generic circuits to a second party;
      
      receiving a unique second personalization value from the second party;
      
      encrypting the second personalization value, received from the second party, using the first secret encryption key; and
      
      transmitting the encrypted second personalization value to the second party, wherein the second generic circuit is configured to store the transmitted encrypted second personalization value, retrieve the stored encrypted second personalization value, decrypt the retrieved encrypted second personalization value and use the decrypted second personalization value to control execution of a second piece of software by the second generic circuit.
  - 4. The method of claim 1 in which the first personalization value comprises a number.
  - 6. The method of claim 1 in which the encrypted first personalization value is transmitted in a further encrypted form.
  - 44. The method of claim 1 wherein a result of the decrypting the retrieved encrypted first personalization value is the unique first personalization value.

3. The method of 1 in which a plurality of personalization values are received from the first party for personalizing a plurality of generic circuits.

5. A method, comprising:
- distributing a first generic circuit of a plurality of generic circuits to a first party, the plurality of generic circuits being substantially identical to each other;
  
  receiving a unique first personalization value from the first party;
  
  encrypting the first personalization value, received from the first party, using a first secret encryption key, thereby generating an encrypted first personalization value;
  
  transmitting the encrypted first personalization value to the first party, wherein the first generic circuit is configured to store the transmitted encrypted first personalization value, and to respond to execution of a first piece of software by;
  
  retrieving the stored encrypted first personalization value;
  
  decrypting the retrieved encrypted first personalization value; and
  
  using the decrypted first personalization value to control execution of the first piece of software by the first generic circuit; and
  
  distributing additional generic circuits to the first party in which the encryption key used to encrypt additional personalization values for the additional generic circuits distributed to the first party is changed periodically.

7. A method for personalizing a circuit performed by a distributor of electronic devices, the method comprising the steps of:
- receiving a first generic circuit of a plurality of generic circuits, the plurality of generic circuits being substantially identical to each other;
  
  transmitting a first personalization value to an authority;
  
  receiving the first personalization value in an encrypted form from the authority, the first personalization value having been encrypted using a first secret encryption key associated with the authority;
  
  storing the encrypted first personalization value in the first generic circuit, wherein the first generic circuit is configured to retrieve the stored encrypted first personalization value, decrypt the retrieved encrypted first personalization value and to use the decrypted first personalization value to control proper execution of a first piece of software;
  
  receiving a second generic circuit of the plurality;
  
  transmitting a second personalization value to the authority; and
  
  receiving the second personalization value in an encrypted form from the authority, the second personalization value having been encrypted using a second secret encryption key associated with the authority.
- View Dependent Claims (8, 9, 10, 11, 12, 13, 14)
- - 8. The method of claim 7, further comprising:
    - receiving a third generic circuit of the plurality of generic circuits;
      
      transmitting a third personalization value to the authority;
      
      receiving the third personalization value in an encrypted form from the authority, the third personalization value having been encrypted using the first secret encryption key associated with the authority; and
      
      storing the encrypted second personalization value in the second generic circuit, wherein the second generic circuit is configured to retrieve the stored encrypted second personalization value, decrypt the retrieved encrypted second personalization value and to use the decrypted second personalization value to control proper execution of a second piece of software.
  - 9. The method of claim 7 in which the first personalization value comprises a number.
  - 10. The method of claim 7, further comprising:
    - retrieving the stored encrypted first personalization value;
      
      decrypting the retrieved encrypted first personalization value to obtain the first personalization value; and
      
      executing the first piece of software using the decrypted first personalization value.
  - 11. The method of claim 7 in which the encrypted first personalization value is received in a further encrypted form.
  - 12. The method of claim 7, further comprising incorporating the first generic circuit into an electronic device.
  - 13. The method of claim 12 in which the device is a set-top-box for use in a pay-television system and the distributor is a set-top-box manufacturer.
  - 14. The method of claim 7 in which the first piece of software is arranged to perform a circuit reset if the software is not properly executed.

15. A method of distributing generic circuits for electronic devices, comprising:
- distributing a first generic circuit of a plurality of generic circuits to a first party, the plurality of generic circuits being substantially identical;
  
  transmitting a first personalization value from the first party to an authority;
  
  encrypting the first personalization value using a first secret encryption key associated with the authority;
  
  transmitting the encrypted first personalization value from the authority to the first party;
  
  storing the encrypted first personalization value in the first generic circuit;
  
  obtaining a decrypted first personalization value by using the first generic circuit to retrieve and decrypt the stored encrypted first personalization value;
  
  executing using the first generic circuit, a first piece of software using the decrypted first personalization value; and
  
  distributing additional generic circuits in which a second secret encryption key associated with the authority is used to encrypt additional personalization values for the additional generic circuits.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24)
- - 16. The method of claim 15, further comprising:
    - distributing a second generic circuit of the plurality of generic circuits to a second party;
      
      encrypting a second personalization value using a third secret encryption key associated with the authority;
      
      transmitting the encrypted second personalization value from the authority to the second party;
      
      storing the encrypted second personalization value in the second generic circuit;
      
      obtaining a decrypted second personalization value by retrieving and decrypting the stored encrypted second personalization value; and
      
      executing a second piece of software using the decrypted second personalization value.
  - 17. The method of claim 16 in which the first and second parties are device manufacturers who incorporate generic circuits into devices and the authority is a manufacturer of the generic circuits.
  - 18. The method of claim 17 in which the devices include set-top-boxes for use in pay-television systems.
  - 19. The method of claim 16 in which at least one of the parties transmits a plurality of personalization values to the authority.
  - 20. The method of claim 15 in which the first personalization value is encrypted using RSA encryption.
  - 21. The method of claim 15 in which the first personalization value comprises a number.
  - 22. The method of claim 15 in which the first piece of software is arranged to perform a circuit reset if the decrypted first personalization value does not equal the first personalization value.
  - 23. The method of claim 15 in which encryption keys used to encrypt personalization values are changed periodically.
  - 24. The method of claim 15 in which the encrypted first personalization value is transmitted in a further encrypted form.

25. A semiconductor integrated circuit arranged to execute a piece of software that inputs a personalization value as an input parameter, the circuit being configured to use in an electronic device and comprising:
- a personalization memory configured to store an encrypted personalization value generated by an authority based on the personalization value;
  
  a key memory configured to store a decryption key;
  
  a personalization control unit comprising a cryptographic circuit configured to obtain a decrypted personalization value by retrieving and decrypting the stored encrypted personalization value using the decryption key; and
  
  a processor configured to receive the decrypted personalization value from the cryptographic circuit, to execute the software and to supply the software with the decrypted personalization value.
- View Dependent Claims (26, 27, 28, 29, 30, 31, 32, 33)
- - 26. The semiconductor integrated circuit of claim 25 in which the personalization memory is a one-time-programmable memory.
  - 27. The semiconductor integrated circuit of claim 25 in which the key memory is a one-time-programmable memory.
  - 28. The semiconductor integrated circuit of claim 25 in which the decryption key is permanently recorded into the key memory at a circuit manufacturing stage.
  - 29. The semiconductor integrated circuit of claim 25 in which the personalization memory is accessible only via the personalization control unit.
  - 30. The semiconductor integrated circuit of claim 25 in which the key memory is accessible only through the personalization control unit.
  - 31. The semiconductor integrated circuit of claim 25 in which the personalization value is a number.
  - 32. The semiconductor integrated circuit of claim 25 which the processor is arranged to perform a circuit reset if the decrypted personalization value does not equal the personalization value.
  - 33. The semiconductor integrated circuit of claim 25 in which the circuit is a monolithic device.

34. An electronic device, comprising:
- a memory configured to store a piece of software that inputs a decrypted personalization value as an input parameter; and
  
  a semiconductor integrated circuit configured to provide the piece of software with the decrypted personalization value, the circuit comprising;
  
  a personalization memory configured to store an encrypted personalization value generated by an authority based on the personalization value which is provided to the authority;
  
  a key memory configured to store a decryption key; and
  
  a personalization control unit comprising a cryptographic circuit configured to obtain the decrypted personalization value by retrieving the stored encrypted personalization value and decrypting the retrieved encrypted personalization value using the decryption key.
- View Dependent Claims (35, 36, 37)
- - 35. The device of claim 34 wherein the integrated circuit further includes:
    - a processor arranged to receive the decrypted personalization value from the cryptographic circuit, to execute the software, and to supply the software with the decrypted personalization value.
  - 36. The device of claim 35 in which the software implements a set-top-box function.
  - 37. The device of claim 35 wherein the decryption key stored in the key memory is generated by the authority.

38. A non-transitory computer-readable memory medium whose contents cause an electronic device to perform a method, the method comprising:
- receiving a first personalization value in an encrypted form from an authority, the first personalization value having been encrypted using a secret encryption key associated with the authority;
  
  storing the encrypted first personalization value;
  
  retrieving the stored encrypted first personalization value;
  
  decrypting the retrieved encrypted first personalization value to obtain the first personalization value; and
  
  controlling execution of a first piece of software based on the decrypted first personalization value.
- View Dependent Claims (39, 40)
- - 39. The non-transitory computer readable medium of claim 38 wherein the first personalization value comprises a number.
  - 40. The non-transitory computer readable medium of claim 38 wherein the software is arranged to perform a circuit reset if the software is not properly executed.

41. An electronic device, comprising:
- means for receiving a first personalization value in an encrypted form from an authority, the first personalization value having been encrypted using a secret encryption key associated with the authority;
  
  means for storing the encrypted first personalization value;
  
  means for retrieving and decrypting the stored encrypted first personalization value to obtain the first personalization value; and
  
  means for controlling execution of a first piece of software based on the decrypted first personalization value.
- View Dependent Claims (42, 43)
- - 42. The electronic device of claim 41 wherein the first personalization value comprises a number.
  - 43. The electronic device of claim 41 wherein the software is arranged to perform a circuit reset if the software is not properly executed.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
STMicroelectronics Limited (STMicroelectronics NV)
Original Assignee
Stmicroelectronics Pte Limited (STMicroelectronics NV)
Inventors
Dellow, Andrew
Primary Examiner(s)
Flynn, Nathan
Assistant Examiner(s)
LAKHIA, VIRAL S

Application Number

US11/461,239
Publication Number

US 20070024316A1
Time in Patent Office

2,402 Days
Field of Search

726 27- 30, 380277-286, 380/8, 705/56, 326/8
US Class Current

326/8
CPC Class Codes

G06F 21/70 Protecting specific interna...

G06F 21/73 by creating or determining ...

Circuit personalization

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

35 Citations

44 Claims

Specification

Solutions

Use Cases

Quick Links

Circuit personalization

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

35 Citations

44 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links