[go: up one dir, main page]

HK1111021B - Method for controlling access to encrypted data - Google Patents

Method for controlling access to encrypted data Download PDF

Info

Publication number
HK1111021B
HK1111021B HK08105187.4A HK08105187A HK1111021B HK 1111021 B HK1111021 B HK 1111021B HK 08105187 A HK08105187 A HK 08105187A HK 1111021 B HK1111021 B HK 1111021B
Authority
HK
Hong Kong
Prior art keywords
control
data
control word
sending
encrypted
Prior art date
Application number
HK08105187.4A
Other languages
German (de)
French (fr)
Chinese (zh)
Other versions
HK1111021A1 (en
Inventor
Philippe Stransky
Original Assignee
Nagravision Sa
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from EP05106186A external-priority patent/EP1742475A1/en
Application filed by Nagravision Sa filed Critical Nagravision Sa
Publication of HK1111021A1 publication Critical patent/HK1111021A1/en
Publication of HK1111021B publication Critical patent/HK1111021B/en

Links

Description

The Commission has already adopted a proposal for a directive.
The present invention relates to a method of access control for data encrypted by CW control words, these control words being received by a security module in control messages and returned to an encrypted data processing unit.
This method is particularly applicable in the case of pay-TV.
The first is the technical
In the above-mentioned area of pay-TV, data is encrypted by a data provider using encryption keys called control words, which are transmitted to multimedia units of users or subscribers, and control words are transmitted to these multimedia units as a stream of control messages.
Multimedia units are usually composed of an operating unit which, in the case of pay-TV, is a decoder receiving the above-mentioned streams and a security module in charge of cryptographic operations related to the use of these streams.
The most common form of a security module is a microprocessor card, a chip card, or more generally an electronic module (in the form of a key, badge, etc.).
A second known form is an integrated circuit box placed, usually permanently and immovably, in the decoder case.
In a third form, the safety module is integrated into an integrated circuit housing with another function, for example in a decoder unlock module or decoder microprocessor.
In a fourth embodiment, the security module is not implemented in physical form but its function is implemented in software only.
When a media unit receives the stream containing the control words, it first checks whether the user has rights to decrypt specific data. If so, the control messages are decrypted so that the control words are extracted. These control words are in turn used to decrypt the data.
Also known as a cryptographic period, each password usually allows a small portion of the transmitted data to be decrypted. Typically, a password allows 10 seconds of a pay-TV event to be decrypted. After this time, called a cryptographic period, the password is changed for security reasons.
Err1:Expecting ',' delimiter: line 1 column 376 (char 375)
The invention described in US Patent 2004/0215691 seeks to prevent this fraudulent use. To achieve this, each time a control message is received by a multimedia unit, that unit or its associated security module determines which channel that control message is bound to. Channel identifiers are stored with temporal information. Messages are compared to determine whether they are bound to different channels or to the same channel. If they are bound to different channels, a counter is incremented by a certain value. If the control messages are bound to the same channel, the counter is decremented.
This method requires that a channel identifier be available for each control message. In some configurations this is not the case. Using control messages as defined in particular in Eurocrypt standard EN 50094 of December 1992 it is possible to identify not each channel but a class of channels. In this case, it is not possible with the above invention to block the use of multiple multimedia units using a single security module and separator.
The international application, published under the number WO 01/15448, describes a pay-TV system and more specifically a video on-demand system. In this system, data is encrypted using control words. These control words are sent to users only for a predetermined time during which the user must acquire them if he wants to be able to access the content. This process limits the risk of a fraudulent user illegally receiving the control words and thus accessing the content.
This is not applicable in a conventional pay-TV system where a user can switch channels, because in the event of a change of channel, the user would have to wait for a control message corresponding to the new channel to be received before being able to access the content.
Err1:Expecting ',' delimiter: line 1 column 166 (char 165)
The purpose of this is that when a channel is changed (zapping), the control word needed to access the content is quickly available. When a multimedia unit has received a control message, it filters the identical messages so that they are transmitted only once to the security module. The following description implies that when ECM control messages are mentioned, they are different messages, since the identical messages are not used.
A difficulty arises in the case when control messages contain more than one control word. In practice, it is common to send two control words per control message. This has the advantage that while one of the control words is being used, the other is being decoded and memorized. This achievement allows for safer decoding algorithms, so longer to decode.
In such a case, it is possible for a fraudulent user to use only one of two control messages and then forward the unused message to another decoder or operating system. In this way, each decoder receives all the control words it needs. Thus, several operating units can allow access to encrypted content while only one subscriber has the rights in principle.
This type of fraud is particularly difficult to detect as it is not possible, without the use of a channel identifier, to distinguish between normal use of all control messages by a single decoder and fraudulent use of one control message by two separate decoders.
The invention is presented in the following table:
The present invention is intended to solve this problem and thus prevent access to encrypted content during fraudulent use of two decoders with a single security module.
The solution of the invention also makes it possible to prevent at least partial access to encrypted content by fraudulent users who use only one of two control messages and whose other control message is transmitted to another decoder.
The purpose of the invention is achieved by a method of controlling access to data encrypted by control words, these control words being received by a security module in control messages and returned to a control data processing unit, the control messages containing at least one first control word and one second control word, these control words each allowing access to the encrypted data for a specified time period called the cryptoperiod, this method comprising the steps: The following information shall be provided to the operator:such a control message (ECM) containing at least two specified control words (CW1, CW2) is sent to the unit after the data encoded by that first control word (CW1) has been sent and before the data encoded by that second control word (CW2) has been sent; This method is characterised by the time lag between the sending of the data encrypted by the first control word (CW1) to the operating unit and the sending of the control message (ECM) containing the first control word (CW1) and the second control word (CW2) being greater than 75% of the cryptographic period.
Generally, the method of the present invention uses control messages containing two control words; however, a user using only one control message in two will not be able to access all of the encrypted content; two users sharing a separator and security module will each only be able to access part of the audio/video content.
The Commission shall be assisted by the Member States.
The present invention and its advantages will be better understood by reference to the figures annexed and the detailed description of a particular embodiment given as a non-limiting example, in which: Figure 1 illustrates an embodiment of the invention in which a data stream and a control message stream are used in a conventional manner;Figure 2 illustrates an embodiment of Figure 1 in which the data stream and control message stream are used fraudulently;Figure 3 illustrates an embodiment of the invention in which the data stream and control message stream are used in a conventional manner;Figure 4 illustrates an embodiment of Figure 3 in which the data stream and control message stream are used fraudulently.
The method of invention
Err1:Expecting ',' delimiter: line 1 column 374 (char 373)
In this use, the first user receives the first ECM1 control message and extracts the control words CW1 and CW2 from it. Before receiving the second ECM2 control message, it is filtered so that it cannot be used. When the content needs to be decrypted with the CW2 control word, it is available because it was sent in the first ECM1 control message.
The ECM2 control message can be used to feed a second decoder. In order to detect fraudulent use, it is possible to perform a count of how many ECM control messages are decrypted during each cryptographic period. This allows action when too many control messages are decrypted during each cryptographic period. In the case of the invention, however, a test on the number of control messages per cryptographic period will not detect and prevent fraudulent use, since this number is exactly the number of messages decrypted by a single security module in normal use.
Figure 3 schematically represents the method of the invention. In this method, the CT encrypted data flow is offset from the ECM control message flow. The description below concerns normal use of a single multimedia unit with a single safety module.
For example, if a user turns on their media unit or arrives at a specific channel at the time indicated by t1 in Figure 3, the CT content must be decoded by the CW2 control word. At this time, the first ECM1 control message is broadcast. This ECM1 control message contains the CW1 and CW2 control words. The content can therefore be decoded by the CW2 control word.
If the user turns on their media unit or arrives at a specific channel at the time indicated by t2, they will also need the CW2 password to decrypt the content. At this point, the second ECM2 control message is broadcast. This contains the CW2 and CW3 control words.
If the user turns on the media unit or arrives at a specific channel at the time indicated by t3, the process will be similar to the process explained for the case where the turn on time is t1.
So we see that in conventional use, no matter when a user turns on their multimedia unit or changes channel, they can access encrypted content.
Figure 4 illustrates a fraudulent use of two media units using the method of the invention. According to this usage, each decoder uses only one control message out of two. Suppose one of the decoders uses the first ECM1 control message containing the control words CW1 and CW2. If the user turns on their media unit or arrives at a relevant channel at time t1, it is as in the example shown in Figure 3, i.e. the CW2 control word needed to decrypt the content is available since it was embedded in the ECM1 control message. The content is therefore accessible.
If the user turns on his media unit at time t2, he will need the CW2 password to access the CT content. Since it was sent in the first ECM1 control message, it is available and the content can be decrypted.
In the event that the user turns on their media unit at instant t3, they will need the CW3 password to access the content. This password is sent once in the second ECM2 control message and once in the third ECM3 control message. In the event of fraudulent use as described above, the second ECM2 control message has not been used by this decoder, but has been passed to another decoder. The control words it contains are therefore not available to the decoder in question. Given the lag between the data and control message flow, the third ECM3 control message is not available at instant t3.
In practice, for an honest user to have access to all content, it is necessary that the lag between the CT data stream and the ECM control message stream be less than one cryptoperiod. For a fraudulent user to be penalized as much as possible, the lag must be as large as possible. A lag that is usually slightly less than one cryptoperiod is usually chosen. Preferably, such a lag is chosen that the lag plus the time for the security module to process the control message and return the control password to the operating device is less than the cryptoperiod.
For example, a cryptographic period of 5 seconds can be expected, for example, with a delay of 4 seconds between the two streams, so that if a single security module feeding two decoders is used, each decoder will have a significant period of time during which it will not have access to the encrypted content.

Claims (4)

  1. Method for controlling access to data (CT) encrypted by control words (CW), these control words being received by a security module in control messages (ECM) and returned to a processing unit for encrypted data, said control messages (ECM) containing at least a first control word (CW1) and a second control word (CW2), these control words each allowing access to encrypted data (CT) during a determined time duration called a cryptoperiod (CP), this method including the steps of:
    - sending said encrypted data to at least one processing unit; and
    - sending the control messages (ECM) to said processing unit, this type of control message (ECM) containing at least two determined control words (CW1, CW2) being sent to the processing unit after the sending of the data encrypted by said first control word (CW1) and before the sending of the data encrypted by said second control word (CW2); this method being characterised in that the time shifting between the sending to the processing unit of data encrypted by said first control word (CW1) and the sending of the control message (ECM) containing said first control word (CW1) and said second control word (CW2) is greater than 75% of the cryptoperiod.
  2. Method for controlling access according to claim 1, characterised in that the time shifting between the sending to the processing unit of data encrypted by said first control word (CW1) and the sending of the control message (ECM) containing said first control word (CW1) and said second control word (CW2) is lower than 100% of the cryptoperiod.
  3. Method for controlling access according to claim 1 or 2, characterised in that the time shifting between the sending to the processing unit of data encrypted by said first control word (CW1) and the sending of the control message (ECM) containing said first control word (CW1) and said second control word (CW2) is lower than 100% of the cryptoperiod minus the time for processing said control message by the security module and for returning the control word to the processing device.
  4. Method for controlling access according to claim 1, characterised in that the data stream is of the MPEG type.
HK08105187.4A 2005-07-07 2006-07-06 Method for controlling access to encrypted data HK1111021B (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
EP05106186A EP1742475A1 (en) 2005-07-07 2005-07-07 Method to control access to enciphered data
EP05106186.9 2005-07-07
PCT/EP2006/063989 WO2007006736A1 (en) 2005-07-07 2006-07-06 Method for controlling access to encrypted data

Publications (2)

Publication Number Publication Date
HK1111021A1 HK1111021A1 (en) 2008-07-25
HK1111021B true HK1111021B (en) 2010-01-29

Family

ID=

Similar Documents

Publication Publication Date Title
KR101342743B1 (en) How to Control Password Data Access
CN101034972B (en) Method and system providing scrambled content
CN100592786C (en) Smart Card Dynamic Management
JP4949610B2 (en) Method for controlling descrambling of multiple program transport streams, receiver system, and portable safety device
KR101354411B1 (en) Method for accessing services by a user unit
US8036387B2 (en) Method for the transmission of management data
IL188334A (en) Method and device for controlling access to encrypted data
CN102075813B (en) Reliable and non-manipulatable processing of data streams in a receiver
EP1676440B1 (en) Security integrated circuit
KR101803974B1 (en) A method and apparatus for decrypting encrypted content
HK1111021B (en) Method for controlling access to encrypted data
KR100956273B1 (en) Conditional Access Systems and Devices
CA2617900C (en) Method for processing conditional access contents by a user unit
MXPA04011537A (en) Key transport tamper protection.
HK1111022B (en) Method and device for controlling access to encrypted data