Preventing the use of modified receiver firmware in receivers of a conditional access system
First Claim
Patent Images
1. A receiver comprising:
- a firmware memory;
an input configured to receive a challenge and a control word encrypted using a first response that corresponds to the challenge, the challenge being indicative of one or more locations in the firmware memory;
a data reading module configured to read data from the one or more locations in the firmware memory, the data forming a second response to the challenge;
a decrypter configured to decrypt the encrypted control word using the second response to the challenge as a key, to obtain a first control word for descrambling first scrambled content; and
a descrambler configured to descramble the first scrambled content using the first control word to obtain first descrambled content.
3 Assignments
0 Petitions
Accused Products
Abstract
The invention enables the shared secret, which is used for encrypting the communication of CWs from a smartcard to a receiver, to cover at least a part of a binary image of firmware that is executing in the receiver. Preferably the shared secret covers the entire binary image of the firmware. Hereto, data from one or more predefined firmware memory locations are read, the set of data forming the shared secret.
6 Citations
22 Claims
-
1. A receiver comprising:
-
a firmware memory; an input configured to receive a challenge and a control word encrypted using a first response that corresponds to the challenge, the challenge being indicative of one or more locations in the firmware memory; a data reading module configured to read data from the one or more locations in the firmware memory, the data forming a second response to the challenge; a decrypter configured to decrypt the encrypted control word using the second response to the challenge as a key, to obtain a first control word for descrambling first scrambled content; and a descrambler configured to descramble the first scrambled content using the first control word to obtain first descrambled content. - View Dependent Claims (2, 16, 17, 19, 20)
-
-
3. A smartcard comprising:
-
a key memory configured to store a first key and a second key; a first decrypter configured to decrypt one or more encrypted challenge-response pairs using the second key from the key memory to obtain one or more decrypted challenge-response pairs, each of the one or more challenge-response pairs including a challenge and a response to the challenge; a memory configured to store the one or more challenge-response pairs; a second decrypter configured to decrypt an encrypted control word using the first key from the key memory to obtain a control word for descrambling content; an encrypter configured to encrypt the control word by selecting and using a first response of one of the challenge-response pairs stored in the memory to obtain a re-encrypted control word, wherein the smartcard is configured to transmit the re-encrypted control word and the challenge of the one of the challenge-response pairs to a receiver, and wherein the challenge of the one of the challenge-response pairs is indicative of one or more locations in a firmware memory of the receiver, data in the one or more locations in the firmware memory of the receiver forming a key for use by the receiver to decrypt the re-encrypted control word. - View Dependent Claims (6)
-
-
4. A smartcard comprising:
-
a key memory configured to store a key; a decrypter configured to decrypt an encrypted control word, an encrypted challenge and two or more encrypted responses using the key from the key memory to obtain a control word, a challenge and two or more responses to the challenge, respectively, wherein each response forms a challenge-response pair with the challenge for a particular receiver; an encrypter configured to encrypt the control word by selecting and using a first response of one of the challenge-response pairs to obtain a re-encrypted control word, wherein the smartcard is configured to transmit the re-encrypted control word and the challenge of the one of the challenge-response pairs to a receiver, and wherein the challenge of the one of the challenge-response pairs is indicative of one or more locations in a firmware memory of the receiver, data in the one or more locations in the firmware memory of the receiver forming a key for use by the receiver to decrypt the re-encrypted control word. - View Dependent Claims (5, 18)
-
-
7. A head-end system comprising:
-
a memory configured to store a copy of a firmware memory of a first receiver, wherein the first receiver comprises; the firmware memory; an input configured to receive a challenge and a control word encrypted using a first response that corresponds to the challenge, the challenge being indicative of one or more locations in the firmware memory; a data reading module configured to read data from the one or more locations in the firmware memory, the data forming a second response to the challenge; a decrypter configured to decrypt the encrypted control word using the second response to the challenge as a key, to obtain a first control word for descrambling first scrambled content; and a descrambler configured to descramble the first scrambled content using the first control word to obtain first descrambled content; wherein the first receiver is configured to communicate with a smartcard that comprises; a key memory configured to store a first key and a second key; a first decrypter configured to decrypt one or more encrypted challenge-response pairs using the second key from the key memory to obtain one or more decrypted challenge-response pairs, each of the one or more challenge-response pairs including a challenge and a response to the challenge; a memory configured to store the one or more challenge-response pairs; a second decrypter configured to decrypt an encrypted control word using the first key from the key memory to obtain a control word for descrambling content; and an encrypter configured to encrypt the control word by selecting and using a first response of one of the challenge-response pairs stored in the memory to obtain a re-encrypted control word, wherein the smartcard is configured to transmit the re-encrypted control word and the challenge of the one of the challenge-response pairs to the first receiver; wherein the head-end system is configured to; select one or more locations in the firmware memory of the receiver; generate a challenge-response pair comprising the challenge indicative of the one or more locations in the firmware memory and the first response; and encrypt the challenge-response pair and transmit the encrypted challenge-response pair to the smartcard. - View Dependent Claims (8, 9)
-
-
10. A conditional access system comprising a first receiver that is communicatively directly connected to a smartcard, wherein the first receiver comprises:
-
a firmware memory; an input configured to receive a challenge and a control word encrypted using a first response that corresponds to the challenge, the challenge being indicative of one or more locations in the firmware memory; a data reading module configured to read data from the one or more locations in the firmware memory, the data forming a second response to the challenge; a decrypter configured to decrypt the encrypted control word using the second response to the challenge as a key, to obtain a first control word for descrambling first scrambled content; and a descrambler configured to descramble the first scrambled content using the first control word to obtain first descrambled content; wherein the smartcard comprises; a key memory configured to store a first key and a second key; a first decrypter configured to decrypt one or more encrypted challenge-response pairs using the second key from the key memory to obtain one or more decrypted challenge-response pairs, each of the one or more challenge-response pairs including a challenge and a response to the challenge; a memory configured to store the one or more challenge-response pairs; a second decrypter configured to decrypt an encrypted control word using the first key from the key memory to obtain a control word for descrambling content; and an encrypter configured to encrypt the control word by selecting and using a first response of one of the challenge-response pairs stored in the memory to obtain a re-encrypted control word, wherein the smartcard is configured to transmit the re-encrypted control word and the challenge of the one of the challenge-response pairs to the first receiver; wherein the conditional access system further comprises a further receiver that is communicatively connected to the first receiver via a network, wherein the further receiver uses the smartcard to obtain a control word for descrambling scrambled content in the further receiver. - View Dependent Claims (11)
-
-
12. A method in a receiver comprising:
-
receiving a challenge and a control word encrypted using a first response that corresponds to the challenge, the challenge indicative of one or more locations in a firmware memory of the receiver; reading data from the one or more locations in the firmware memory, the data forming a second response to the challenge; decrypting the encrypted control word using the second response to the challenge as a key, to obtain a first control word for descrambling first scrambled content; and descrambling the first scrambled content using the first control word to obtain first descrambled content. - View Dependent Claims (13, 21, 22)
-
-
14. A method in a smartcard comprising:
-
decrypting one or more encrypted challenge-response pairs using a second key to obtain one or more decrypted challenge-response pairs, each of the one or more decrypted challenge-response pairs including a challenge and a response to the challenge; storing the one or more challenge-response pairs in a memory; decrypting an encrypted control word using a first key to obtain a control word for descrambling content; selecting a response of one of the challenge-response pairs stored in the memory and encrypting the control word using a first response of the one of the challenge-response pairs stored in the memory to obtain a re-encrypted control word; and transmitting the re-encrypted control word and the challenge of the one of the challenge-response pairs to a receiver, wherein the challenge of the one of the challenge-response pairs is indicative of one or more locations in a firmware memory of the receiver, data in the one or more locations in the firmware memory of the receiver forming a key for use by the receiver to decrypt the re-encrypted control word.
-
-
15. A method in a smartcard comprising:
-
decrypting an encrypted control word, an encrypted challenge and two or more encrypted responses using a key to obtain a control word, a challenge and two or more responses to the challenge, respectively, wherein each response forms a challenge-response pair with the challenge for a particular receiver; selecting a response of one of the challenge response pairs stored in the memory and encrypting the control word using a first response of the one of the challenge-response pairs to obtain a re-encrypted control word; and transmitting the re-encrypted control word and the challenge of the one of the challenge-response pairs to a receiver, wherein the challenge of the one of the challenge response pairs is indicative of one or more locations in a firmware memory of the receiver, data in the one or more locations in the firmware memory of the receiver forming a key for use by the receiver to decrypt the encrypted control word.
-
Specification