Method and system for preventing revocation denial of service attacks
Abstract
Methods and systems for preventing revocation denial of service attacks are disclosed and may include receiving and decrypting a command for revoking a secure key utilizing a hidden key, and revoking the secure key upon successful verification of a signature. The command may comprise a key ID that is unique to a specific set-top box. A key corresponding to the command for revoking the secure key may be stored in a one-time programmable memory, compared to a reference, and the security key may be revoked based on the comparison. The command for revoking the secure key may be parsed from a transport stream utilizing a hardware parser. The method and system may also comprise generating a command for revoking a secure key. The command may be encrypted and signed utilizing a hidden key and may comprise a key ID that is unique to a specific set-top box.
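The receive-side check described in the abstract, as an added example that is not code from the patent or its assignee: the command is decrypted with the hidden key, its signature is verified, its key ID is compared with the box's own reference, and only then is a key revoked. The HMAC-based cipher and tag, the key values, the command layout and all names are constructed assumptions, since the page names no algorithms or formats.

```python
import hashlib
import hmac
import struct

# Assumptions (not from the patent): HMAC-SHA256 in counter mode stands in for
# the chip's cipher, an HMAC tag stands in for the signature, and the command
# layout (8-byte nonce, 4-byte box key ID, 1-byte key slot) is constructed.
HIDDEN_KEY = b"constructed hidden key"    # placeholder value
SIGN_KEY = b"constructed signing key"     # placeholder value
TAG_LEN = 32

def _crypt(nonce: bytes, data: bytes) -> bytes:
    """XOR data with a keystream derived from the hidden key and the nonce."""
    stream, counter = b"", 0
    while len(stream) < len(data):
        block = nonce + struct.pack(">I", counter)
        stream += hmac.new(HIDDEN_KEY, block, hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def make_command(nonce: bytes, box_key_id: int, slot: int) -> bytes:
    """Head-end side: sign the command, then encrypt command and tag."""
    body = struct.pack(">IB", box_key_id, slot)
    tag = hmac.new(SIGN_KEY, nonce + body, hashlib.sha256).digest()
    return nonce + _crypt(nonce, body + tag)

class SetTopBox:
    def __init__(self, box_key_id: int, slots: int = 4):
        self.box_key_id = box_key_id      # reference value, e.g. held in OTP
        self.revoked = [False] * slots

    def handle(self, blob: bytes) -> str:
        """Decrypt, verify, compare the key ID, and only then revoke."""
        if len(blob) != 8 + 5 + TAG_LEN:
            return "malformed"
        nonce, plain = blob[:8], _crypt(blob[:8], blob[8:])
        body, tag = plain[:5], plain[5:]
        expected = hmac.new(SIGN_KEY, nonce + body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return "bad-signature"        # forged or altered: nothing revoked
        key_id, slot = struct.unpack(">IB", body)
        if key_id != self.box_key_id:
            return "wrong-box"            # valid command addressed elsewhere
        if slot >= len(self.revoked):
            return "bad-slot"
        self.revoked[slot] = True
        return "revoked"
```

Every rejection path returns before `self.revoked` is touched, so a forged, altered or misaddressed command leaves the box's keys usable.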
28 Claims
1. A method for signal processing, the method comprising:
in a secure communication system in an integrated circuit:
- receiving an encrypted transport stream;
- decrypting said encrypted transport stream;
- extracting from said decrypted transport stream, a command for revoking a secure key, wherein said secure key is encrypted;
- decrypting said command for revoking said secure key utilizing a hidden key;
- verifying a signature of said decrypted command for revoking said secure key; and
- revoking said secure key upon successful verification of said signature.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10

11. A method for signal processing, the method comprising:
- generating a command for revoking a secure key, wherein said secure key is encrypted;
- encrypting said command for revoking said secure key utilizing a hidden key;
- signing said encrypted command for revoking said secure key;
- combining said signed and encrypted command with video data being transmitted to a secure communication system; and
- encrypting said combined video data and said signed and encrypted command.
Dependent claims: 12, 13, 28

14. A system for signal processing, the system comprising:
one or more circuits for receiving an encrypted transport stream, said one or more circuits configured to:
- decrypt said encrypted transport stream;
- extract from said decrypted transport stream, a command that revokes a secure key, wherein said secure key is encrypted;
- decrypt said command for revoking said secure key utilizing a hidden key;
- verify a signature of said decrypted command for revoking said secure key; and
- revoke said secure key upon successful verification of said signature.
Dependent claims: 15, 16, 17, 18, 19, 20, 21, 22, 23

24. A system for signal processing, the system comprising:
one or more circuits configured to:
- generate a command for revoking a secure key, wherein said secure key is encrypted;
- encrypt said command for revoking said secure key utilizing a hidden key;
- sign said encrypted command for revoking said secure key;
- combine said signed and encrypted command with video data being transmitted to a secure communication system; and
- encrypt said combined video data and said signed and encrypted command.
Dependent claims: 25, 26, 27
Specification