Conditional access system and method for prevention of replay attacks

US 8,681,979 B2
Filed: 10/05/2011
Issued: 03/25/2014
Est. Priority Date: 03/02/2000
Status: Expired due to Fees

First Claim

Patent Images

1. A method, comprising:

creating, at a headend, an event table for a corresponding transport stream, the event table comprising a location of one or more start codes within the transport stream;

transmitting the transport stream from the headend to at least one receiver among a plurality of receivers;

transmitting the event table from the headend to the at least one receiver among a plurality of receivers.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In a conditional access system, a headend transmits content to one or more receivers in encrypted transport streams. The system provides a multi-layer security architecture, rendering the system resistant to key replay attacks; if one layer is circumvented, subsequent layers remain intact. A first layer prevents unencrypted keys from being recorded by shielding the unencrypted keys from users and encrypting the path from the receiver'"'"'s conditional access module to the transport decryption module; a second layer prevents a key recorded on one receiver from being played back to the transport decryption module on a second receiver; a third layer prevents a user from decrypting transport streams without the encryption module by encrypting the stream a second time prior to being passed through any user-accessible memory or processor. Event tables are transmitted with the transport stream, either unencrypted for immediate use or encrypted, to prevent unauthorized use.

Citations

18 Claims

1. A method, comprising:
- creating, at a headend, an event table for a corresponding transport stream, the event table comprising a location of one or more start codes within the transport stream;
  
  transmitting the transport stream from the headend to at least one receiver among a plurality of receivers;
  
  transmitting the event table from the headend to the at least one receiver among a plurality of receivers.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, wherein the event table further comprises a type of at least one start code of the one or more start codes.
  - 3. The method of claim 1, further comprising:
    - encrypting the event table prior to transmission with the transport stream.
  - 4. The method of claim 1, wherein the transport stream is an encrypted transport stream, and further comprising:
    - storing the encrypted transport stream transmitted at the at least one receiver; and
      
      encrypting, at the at least one receiver, the transport stream to obtain a doubly encrypted transport stream;
      
      storing the doubly encrypted transport stream on a storage medium accessible to the at least one receiver.
  - 5. The method of claim 1, wherein at least one start code of the one or more start codes indicates a start of an element in an MPEG stream.
  - 6. The method of claim 1, wherein the transport stream is an encrypted transport stream.

7. A system comprising:
- a subsystem, at a headend, implemented at least partially in hardware, that creates an event table for a corresponding transport stream, the event table comprising a location of one or more start codes within the transport stream;
  
  a subsystem, implemented at least partially in hardware, that transmits the transport stream from the headend to at least one receiver among a plurality of receivers;
  
  a subsystem, implemented at least partially in hardware, that transmits the event table from the headend to the at least one receiver among a plurality of receivers.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The system of claim 7, wherein the event table further comprises a type of at least one start code of the one or more start codes.
  - 9. The system of claim 7, further comprising:
    - a subsystem, implemented at least partially in hardware, that encrypts the event table prior to transmission with the transport stream.
  - 10. The system of claim 7, wherein the transport stream is an encrypted transport stream, and further comprising:
    - a subsystem, implemented at least partially in hardware, that stores the encrypted transport stream transmitted at the at least one receiver; and
      
      a subsystem, implemented at least partially in hardware, that encrypts, at the at least one receiver, the transport stream to obtain a doubly encrypted transport stream;
      
      a subsystem, implemented at least partially in hardware, that stores the doubly encrypted transport stream on a storage medium accessible to the at least one receiver.
  - 11. The system of claim 7, wherein at least one start code of the one or more start codes indicates a start of an element in an MPEG stream.
  - 12. The system of claim 7, wherein the transport stream is an encrypted transport stream.

13. A non-transitory computer readable medium storing instructions which, when executed by one or more processors cause performance of steps comprising:
- creating, at a headend, an event table for a corresponding transport stream, the event table comprising a location of one or more start codes within the transport stream;
  
  transmitting the transport stream from the headend to at least one receiver among a plurality of receivers;
  
  transmitting the event table from the headend to the at least one receiver among a plurality of receivers.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The computer readable medium of claim 13, wherein the event table further comprises a type of at least one start code of the one or more start codes.
  - 15. The computer readable medium of claim 13, further comprising:
    - encrypting the event table prior to transmission with the transport stream.
  - 16. The computer readable medium of claim 13, wherein the transport stream is an encrypted transport stream, and further comprising:
    - storing the encrypted transport stream transmitted at the at least one receiver; and
      
      encrypting, at the at least one receiver, the transport stream to obtain a doubly encrypted transport stream;
      
      storing the doubly encrypted transport stream on a storage medium accessible to the at least one receiver.
  - 17. The computer readable medium of claim 13, wherein at least one start code of the one or more start codes indicates a start of an element in an MPEG stream.
  - 18. The computer readable medium of claim 13, wherein the transport stream is an encrypted transport stream.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
TiVo Solutions Inc. (Adeia Inc.)
Original Assignee
TiVo Inc. (Adeia Inc.)
Inventors
Platt, David C., Goodman, Andrew M., Zenchelsky, Daniel
Primary Examiner(s)
HOFFMAN, BRANDON S

Application Number

US13/253,909
Publication Number

US 20120027208A1
Time in Patent Office

902 Days
Field of Search

None
US Class Current

380/210
CPC Class Codes

H04L 2463/101   applying security measures ...

H04L 63/045   wherein the sending and rec...

H04L 63/10   for controlling access to d...

H04N 2005/91364   the video signal being scra...

H04N 21/258   Client or end-user data man...

H04N 21/25891   being end-user preferences ...

H04N 21/4126   The peripheral being portab...

H04N 21/426   Internal components of the ...

H04N 21/4367   Establishing a secure commu...

H04N 21/4622   Retrieving content or addit...

H04N 21/4623   Processing of entitlement m...

H04N 21/47   End-user applications

H04N 21/4782   Web browsing , e.g. WebTV

H04N 21/63345   by transmitting keys key di...

H04N 21/816   involving special video dat...

H04N 21/84   Generation or processing of...

H04N 5/782   on tape

H04N 5/913   for scrambling ; for copy p...

H04N 7/163   by receiver means only

H04N 7/1675   Providing digital key or au...

H04N 7/17309 : Transmission or handling of...

View All

Conditional access system and method for prevention of replay attacks

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Conditional access system and method for prevention of replay attacks

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links