JP2001119357A - Related information processing device in conditional access system - Google Patents

Abstract

(57) [Summary] [PROBLEMS] To receive a broadcast signal transmitted over a broadcast transmission path such as a satellite broadcast wave using a CAS, and retransmit the broadcast transmission path such as a CATV using another CAS to broadcast. Information, the information used for conditional access control must be securely transferred. SOLUTION: A satellite broadcast program signal is a scrambler 11.
, And transferred to the STB without descrambling. ECM and EMM are connected via headend
Transferred to TB. The relevant information is S on the satellite broadcasting station side.
-The ECM and EMM obtained by the encryption in the CAS system are obtained by the decryption means 32, 3 in the head-end receiving unit of the CATV.
3 and decrypted by encryption means 28 and 29
It is re-encrypted by the C-CAS method and transferred to the STB. From the viewpoint of security, the encryption method is different for key information common to all receivers and information unique to each receiver.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to an apparatus for processing related information in a conditional access system. In particular, a signal broadcast using a conditional access system on a first broadcast transmission line such as a satellite broadcast or a terrestrial broadcast is retransmitted using a conditional access system on a broadcast system using a second broadcast transmission line such as a CATV. The present invention relates to an apparatus for processing related information in a conditional access system applied when broadcasting. Here, as a function of the conditional access system, in addition to a function of reception control when a signal is scrambled and transmitted for pay broadcasting, regardless of whether the signal is scrambled or not.
It also covers functions that can transmit information for selecting and controlling a specific receiver, such as displaying individual messages for each receiver in broadcasting.

[0002]

2. Description of the Related Art FIG. 2 shows a basic system configuration of a conditional access system (hereinafter referred to as CAS). Here, the method of scrambling the program signal by the scrambler 1 in the broadcasting station employs a block encryption method in satellite digital broadcasting in Japan. However, a key for this encryption, that is, a key for scrambling the signal ( The scramble key (hereinafter referred to as Ks) is changed, for example, in units of one second to increase the security against unauthorized reception. To descramble the signal with the descrambler 2 on the receiver side,
It is necessary to know this Ks information. This Ks is encrypted by the encryption means 3 in the broadcasting station together with the attribute information on the program with another key (work key: hereinafter, referred to as Kw) and related information called program information (hereinafter, referred to as ECM) (Heisei 9). (Refer to Ordinance No. 57 of the Ministry of Posts and Telecommunications 1998, Notification No. 260 of the Ministry of Posts and Telecommunications 1998)). Further, Kw can be updated in units of, for example, one month or one year in order to maintain security. This Kw
If the data is transmitted by a medium that can be accessed from anywhere, such as radio waves, it is necessary to transmit the data after encryption. Therefore, this Kw is not only information indicating contract contents of each receiver (information of contract contents) but also individual information (hereinafter, EMM).
) Is sent to the receiver as related information. When this EMM is also transmitted by radio waves or the like, the EMM is encrypted by the encryption means 4 so as to prevent unauthorized use or falsification of information content. The key for this encryption (master key: hereinafter referred to as Km) generally differs for each receiver. The decryption processing and reception determination processing of these ciphers are performed by an integrated circuit provided in the receiver or a security module detachable from the receiver main body. In recent years, however, the latter has been commercialized using an IC card 5 with a built-in CPU. Many systems are used. This IC card includes, for example, a CPU,
EEP in which predetermined information as described later and a control procedure of each means for realizing the function by the CPU are stored.
A memory such as a ROM. That is, the IC card 5 has Km as information, and in the state where the IC card 5 is mounted in the receiver, the information of the contract contents and Kw are decrypted by the decryption means 6 from the EMM received using this Km, and the encryption is performed. The decoding means 7 converts the received ECM into Ks
And the attribute information relating to the program, and the descrambling permission / non-permission determining means 8 decodes the broadcast (program) based on the contract contents from the encryption / decryption means 6 and the program attribute information from the encryption / decryption means 7. It is determined whether or not scrambling is possible, and if possible, a switch 9 for supplying Ks from the decryption means 7 to the descrambler 2 is closed. Thus, a program signal descrambled and restored by the descrambler 2 is obtained.

[0003] Of the above-mentioned keys, Kw is common to all receivers that receive the broadcast, but Km is different for each receiver. At this time, it is desirable to encrypt the information of the contract content of each receiver using the same key between the operators broadcasting Km to the same receiver in order to simplify the processing in the receiver. In other words, contract information for each broadcaster is created by each broadcaster,
It is necessary to uniformly manage Km used for encryption when sending this as an EMM to a receiver. (If duplicated and managed for each broadcaster, if any is leaked, Is expected to be difficult to track and will have a significant impact.) For this purpose, an organization called a key management center 10 is provided on the broadcasting station side, and here, it is common to use the encryption means 4 to unify the encryption of the EMM created by each broadcasting company. is there.

The above is the basic configuration of CAS in a single broadcast transmission line. Next, a case in which a program broadcast by satellite broadcasting or the like is received by a CATV head end and retransmitted to the CATV will be described. think of.

The configuration of the CAS as shown in FIG. 2 is common to, for example, a satellite broadcast system and a CATV system. However, when connecting a satellite broadcasting system and a CATV system, there are some combinations in scrambling, transmission and processing of related information.

When a signal is scrambled and broadcast, it is necessary to send information of the above-mentioned keys (Ks and Kw) necessary for descrambling the signal to a receiver. In the case of broadcasting using the CAS function such as pay broadcasting, etc., it is determined whether each program is contracted to each receiver and can be received together with information on the signal descrambling key, that is, It is necessary to send information for enabling the receiver to determine whether to perform scrambling. At this time, generally, Ks and Kw necessary for receiving a certain program are information common to all receivers, but information for determining a contract is an individual information item for each receiver. The method of transmitting such related information to CATV greatly affects the business form of satellite broadcasters and CATV operators.

[0007] A broadcast program broadcast using a CAS on a first transmission line such as a satellite broadcast wave is received, and a second program such as a cable is received.
3 and 4 show a typical system configuration in the case of retransmitting to the transmission path of FIG.

FIG. 3 shows a satellite broadcast signal received at the CATV head end as it is, or a signal obtained by converting only a modulation method or a transmission frequency and retransmitting the signal to a cable. In FIG. 3, 11 is a scrambler, 12 is a descrambler, 13 and 14 are encryption means, and 15 is an S of the receiver.
An IC card provided in the TB, 16 and 17 are encryption / decryption means, 18 is a descrambling permission / inhibition determination means, 19 is a switch, and 20 is a key management center.
4, 20 are provided on the broadcast station side, and 12, 15, 1
6, 17, 18, and 19 are provided on the receiver side. These are the same as those described in FIG. Note that STB
(Set-top box) is a part for realizing the basic functions of the receiver. Further, the switch 19 may be a gate circuit (the same applies to the switches in the respective drawings described later).

[0009] In the case of FIG. 3, since the CAS uses the satellite broadcasting as it is, the same control and receiver management as in the case of directly receiving the satellite broadcasting wave can be performed on the receiver. On the other hand, there is also a system in which a CATV operator performs a pay broadcast of an original program from the head end in addition to the retransmission of a satellite broadcast program. In this case, considering the convenience of the viewer, a program for retransmission and an original program are not provided. Is desirably received by the same receiver. This can be realized in the system as shown in FIG. 3 by using the same system as that of the satellite broadcasting CAS in CATV (this system is not shown in FIG. 3). In this case, the management of the master key in the system is basically performed on the satellite broadcast side in a unified manner, and therefore, it is assumed that there is a restriction on the independence of the business of the CATV business. Therefore, when this becomes a problem in the broadcasting business, it is hard to adopt.

FIG. 4 shows a system in which a CATV head end performs a restoration process of a CAS system (hereinafter, referred to as an S-CAS system) such as a satellite broadcast, returns the signal to a normal signal, and then transmits the signal to a CATV transmission path. Is shown. In FIG.
Is a descrambler, 27 is a scrambler, 22 and 23 are encryption / decryption means, 24 is a descrambling availability determination means, 2
5 is a switch, 26 is an IC card provided in the head end receiving section, 28 and 29 are encryption means, 30 is a key management center, and 11, 13, 14, and 20 are provided on the broadcast station side. , 21, 22, 23, 24, 25, 2
6, 27, 28, 29, 30 are provided at the head end, and 12, 15, 16, 17, 18, 19 are provided at the receiver side. These are the same as those described in FIG.

The configuration shown in FIG. 4 is a mode that has been implemented since the age of analog satellite broadcasting. In the following, digital broadcasting in which digital signals are transmitted in a first transmission path such as satellite broadcasting is considered. However, retransmission to a cable includes a conventional analog transmission and a digital transmission. . In the case of analog transmission, when a signal is scrambled by satellite broadcasting or the like, descrambling is performed at the head end, and the output signal is retransmitted without scrambling, or when the CATV system uses S-CAS. A method different from the method (hereinafter, C-CAS)
In some cases, scrambling is performed and retransmission is performed. The configuration for performing scrambling is, for example, as shown in FIG. This is a form in which the basic system of FIG. 2 is provided independently in a satellite transmission line portion and a cable transmission line portion and cascade-connected. In this system, the CATV is completely managed by the CATV service, but the satellite broadcast service is controlled by the CATV service.
Subscribers within a TV cannot be directly managed individually.
That is, between the satellite broadcasting company and the head end, the reception control is performed collectively by using the IC card having the master key Km_he (master key of the head end) corresponding to the head end, and the restored program signal is transmitted. The signal is scrambled again by the C-CAS method and transmitted to the receiver of each subscriber.

[0012]

In recent years, CATV has started digital broadcasting in which signals are digitally transmitted. In digital broadcasting, as the number of programs to be broadcasted increases, new broadcasting combining various kinds of data is performed. Broadcasting with various functions is performed. In addition, it is conceivable that various charges are made for these broadcasts. Therefore, when satellite digital broadcasts and the like are retransmitted via a cable, various charges required by the satellite broadcaster in terms of program viewing and operation are required. The problem is how much the function can be realized by each receiver (the basic function is provided in the STB). In particular, studies on retransmitting a signal broadcast by satellite broadcasting or the like by digital transmission through a cable, such as a function that can be realized when performing pay broadcasting, were insufficient.

In the following, the function of the conditional access system in the case of retransmitting in CATV will be considered.

First, as for the signal scrambling method, the same case is handled in satellite digital broadcasting and cable digital broadcasting. Furthermore, the signal of the program for retransmitting the satellite broadcast is scrambled by the satellite broadcast station,
Consider a case in which the descrambling is not performed at the head end of the cable digital broadcasting, but retransmitted as it is, and descrambling is performed by the STB. At this time, it is assumed that the transmission method and the encryption method of the related information including Ks are different between the satellite digital broadcasting and the cable digital broadcasting, and different from each other.

(A) When the C-CAS method is the same as the S-CAS method This corresponds to the case of FIG. 3, and each STB can receive the same IC card as the S-CAS method. In the case of scrambled broadcasting of cable broadcasting original programs at the headend, the independence of the business becomes a problem, for example, the EMM encryption for this contract must be performed at the key management center on the satellite broadcasting side. . However, it is considered that there is no major technical problem, so it is not dealt with below.

(B) Case where C-CAS system and S-CAS system are different This corresponds to the case of the configuration of FIG. The conventional form as shown in this figure can be used in the case of analog satellite broadcasting with a small number of channels. However, the multi-channel, multi-functional signal such as digital satellite broadcasting is retransmitted to CATV, and the satellite broadcasting business The function is insufficient for the user to perform various services using the CAS without causing a security problem. In order to directly manage each subscriber via CATV, satellite digital broadcast related information destined for each subscriber is encrypted by the S-CAS method at the satellite broadcast station side, and decrypted at the cable digital broadcast head end. Then, the obtained plaintext EMM is re-encrypted by the C-CAS method and transmitted. At this time, generally speaking, at the head-end device, the EMM appears unencrypted,
It will be encrypted again. Of the information contained in this EMM, Kw is common to all receivers, and if it leaks to the outside, the security of the entire CAS method considered here will be lost.

In the above-described CAS system, Kw appears on the receiving side only in a security module such as an IC card which cannot be read from the outside, and only Ks resulting from decryption processing using the Kw appears outside the security module. That is the basis of security (even if Km of each receiver is protected, it is meaningless if Kw is known somewhere). Since the EMM encryption / decryption process is performed at the head end of cable stations nationwide, if any of them leaks from a station that does not have sufficient security measures, the security of all satellite broadcasts will be destroyed. No. On the other hand, when information other than Kw in the information included in the EMM leaks to the outside, these are information of a receiver connected to the cable operator and subscribed to the digital satellite broadcasting. However, the effect on other broadcasters is considered to be small.

According to the present invention, the required functions of the conditional access system possessed by the satellite digital broadcast are realized by being transferred to the cable side, and the related information of the related information which does not cause a security (security) problem at the time of this transfer is realized. It is intended to enable transmission. In particular, CAs at satellite digital broadcasters
It is an object of the present invention to enable a person receiving a satellite digital broadcast in a TV to be directly managed without compromising security.

[0019]

SUMMARY OF THE INVENTION In the present invention, first, in order to solve the problem that security cannot be maintained if Kw appears to the outside when related information is transferred at the head end, the satellite digital broadcasting has been developed. A method different from the related information transmission method for a general receiver is applied between the broadcasting station and the headend. That is, when an EMM for receiving a satellite digital broadcast retransmitted in a certain cable digital broadcast station is transmitted from the satellite digital broadcast station, a new related information transmission method for the head end of a cable company is applied.

Further, as described above, since the signal scrambling method in CATV is the same as that for satellite digital broadcasting, the packet of the scrambled signal is decoded at the head end and re-scrambled. No need. However, regarding the encryption of the ECM including the Ks used for the control of the descrambling, as described above, Kw used for the encryption of the ECM is, for security reasons,
It is necessary to change between the S-CAS method and the C-CAS method, and finally, it is necessary to perform decoding processing of the C-CAS method in the STB. For this reason, the ECM encryption by the S-CAS method is decrypted at the head end, and the encryption by the C-CAS method is performed again. At this time, the cable used for re-encrypting the ECM is Kw_c, and the cable used on the satellite side is Kw_s.

The EMM is generally used to identify an EMM transmission destination (receiver, STB, decoder, security module such as an IC card, etc.) (hereinafter, typically referred to as a card ID), and to encrypt an ECM. Kw, the key to
And information on the contract content of each receiver (hereinafter simply referred to as contract information). For this EMM,
In the present invention, the card ID (not encrypted) and the contract information (encrypted with the individual key of the receiver) are transmitted from the satellite
A related information transmission processing method of transferring the information to the ATV and not transferring the Kw is applied. In other words, information essential for individual control of each receiver is transferred, but transfer processing is not performed for items that are common to all receivers and have a large security impact due to leakage. Apply transmission and processing methods.

According to a first aspect of the present invention, a signal broadcasted using a first conditional access system on a first broadcast transmission path is received,
Related information including information for individually controlling a receiver for receiving a signal from the second broadcast transmission path when retransmitting to the second broadcast transmission path using the second conditional access system A first security processing unit for performing security processing on key information common to all receivers among the relevant information, and And a second security processing means for performing security processing on important information is provided separately.

According to a second aspect of the present invention, in the first aspect, the first security processing means does not output the key information common to all the receivers to the outside in a decrypted state. And

Further, according to a third aspect of the present invention, a signal broadcasted using a first conditional access system on a first broadcast transmission line is received, and a second conditional access system is transmitted to a second broadcast transmission line. A related information processing apparatus in a conditional access system for processing related information including information for individually controlling a receiver that receives a signal from the second broadcast transmission line when retransmitting the signal using the related information. A first encryption unit that encrypts the related information with a common key and sends the encrypted related information to the first broadcast transmission path, and decrypts the encrypted related information with an individual key and decrypts the related information. And a second encrypting means for transmitting to a second broadcast transmission path.

According to a fourth aspect of the present invention, in the third aspect, the related information includes identification information for identifying the receiver, and a part of the identification information includes a signal from the second broadcast transmission path. It is common to each receiving device.

Further, according to a fifth aspect of the present invention, a signal broadcasted using a first conditional access system on a first broadcast transmission line is received, and a second conditional access system is transmitted to a second broadcast transmission line. A related information processing apparatus in a conditional access system for processing related information including information for individually controlling a receiver that receives a signal from the second broadcast transmission line when retransmitting the signal using the related information. And encrypting the related information received from the first broadcast transmission channel by the second conditional access system without decrypting the portion encrypted by the first conditional access system without decoding the second broadcast transmission channel. And the related information including a work key to be newly used in the second conditional access system, and the information is encrypted with a master key for each receiver, and the second broadcast transmission is performed. And a second encrypting means for transmitting to the road. To.

According to a sixth aspect of the present invention, there is provided a receiver for receiving a signal transmitted to the second broadcast transmission line by the processing device of the fifth aspect, wherein the received signal is transmitted to each of the second conditional access systems. First decryption means for decrypting with a master key for each receiver, and in the case where the decryption results in related information encrypted by the first conditional access system,
Means for processing the related information again using the first conditional access system.

[0028]

FIG. 1 shows an embodiment of the present invention. Regarding the functions of the components included in this figure, those corresponding to the elements described with reference to FIGS. 2 to 4 are omitted or simplified in description. That is, 11 is a scrambler, 13,
14 is an encryption means, 20 is a key management center, these are provided on the broadcasting station side, 31 is an EMM filter unit, 32 and 33 are encryption / decryption means, 28 and 29 are encryption means, and 30 is an encryption means. Key management center, 34 is subscriber card ID
The setting unit, 35 is an IC card provided in the head end receiving unit, these are provided in the head end, 12 is a descrambler, 15 is an IC card, 16,
Reference numeral 17 denotes encryption / decryption means, 18 denotes descrambling permission / non-judgment means, and 19 denotes a switch, which are provided on the receiver side.

In this embodiment, the satellite broadcast program signal is scrambled by the scrambler 11, but is transferred to the STB without descrambling at the head end. Therefore, the descrambling unit 12 of the STB needs to descramble the satellite broadcast scramble.
The ECM and EMM required for this are sent to the S via the headend.
Transferred to TB. In FIG. 1, related information is encrypted by the S-CAS method on the broadcasting station side such as a satellite broadcast (Encryption I), and the ECM and EMM obtained by this encryption are CA.
In the head-end receiving unit of the TV, the data is decrypted by the decryption means 32 and 33 (details will be described later, but for the EMM, only the EMM filtered by the EMM filter unit 31 is decrypted). Re-encrypt (encryption II) by C-CAS method and ST
B. Here, from the viewpoint of security described above, Kw (Kw_s) and C-CAS in the S-CAS method are used.
It is separate from Kw (KW_c) in the method.

In digital broadcasting, ECM, EMM, EMM
Each related information of the message is transmitted in a structure called a section as shown in FIG. FIG. 6 shows a more specific configuration example of the EMM. The related information is transmitted after being encrypted. The encrypted range is not disclosed to the public in terms of security, but at least the section header is not encrypted. In addition, the EMM extracts information addressed to itself at each receiver from a large amount of transmitted information and performs encryption / decryption at the IC card. However, the extraction of information addressed to itself needs to be performed at high speed. ,
The card ID part is not encrypted. Therefore, the conventional EMM
In the section No., the contract information “contract information_i” (contract information in the i-th decoder) after the card ID part in FIG. 6 is encrypted with the i-th master key Km_i.

On the other hand, in order to directly manage a person who has subscribed to the satellite digital broadcasting in the CATV, the satellite broadcasting company performs the transfer using the EMM section by the method described below. That is, in order for a satellite broadcaster to directly manage those who subscribe to satellite digital broadcasting within CATV,
Must be forwarded to each STB, which requires C
Mass EMM of satellite broadcasting at ATV headend
It is necessary to extract and decrypt the EMM for the subscribers in each CATV from, and re-encrypt them by the C-CAS method.
To do this, it is necessary to sequentially receive all EMMs of the corresponding card ID and sequentially decrypt the encryption using the corresponding Km_i, but this Km_i is an IC that cannot be accessed from outside to maintain security. It is assumed that it exists only inside the card. Therefore, for example, IC cards for subscribers in CATV need to be placed in parallel at the head end. Such a device is not practical. For this reason, EMM is performed in the following manner.
The transfer is performed using the section.

FIG. 7 shows the EMM and E of the satellite broadcast subscriber in the CATV for the CATV headend used in the present invention.
5 shows an example of a section for sending MM individual messages. In the conventional EMM section in CATV, as shown in FIG. 8, contract information_i after each card ID_i is encrypted with a different Km_i. In contrast, the EMM section in FIG. 7 includes contract information_i after each card ID_i.
Are encrypted with the same Km_he (head-end master key).

Next, a process of receiving a section in the format shown in FIG. 7 at the head end and converting it into a section for CATV in the conventional format shown in FIG. 8 will be described with reference to FIG. At the head end, there is provided a subscriber card ID setting unit 34, in which the card ID of the STB that has subscribed to the satellite digital broadcast in the CATV, that is, needs to transfer the EMM of the satellite digital broadcast, is stored. ing. From here, each force ID is sequentially sent to the EMM filter unit 31.
To extract the EMM of the subscriber in each CATV from the satellite broadcast wave,
Are sequentially transferred to perform decryption processing.

At this time, the processing program in the head end IC card is a general satellite broadcast direct reception IC.
Different from cards. That is, although the decryption result of the EMM is stored in the IC card from the general IC card and does not appear outside, the contract information of each receiver is encrypted again by the C-CAS method in the head end IC card. Must be output to send to STB. In a general IC card (for example, 5 in FIG. 2), the EMM is expressed as Km (K
When decrypted with m_i), the contract information of Kw_s and its recipient
_i are obtained, but these are stored in the IC card,
It cannot be read from outside. When the ECM encryption is decrypted using this Kw_s, Ks and program attribute information can be obtained. This Ks is output from the IC card and supplied to the descrambler, but the program attribute information is used only for collation with the contract information in the IC card, and
There is no output from the C card to the outside. However, in the head-end IC card according to the present invention, the EMM shown in FIG. 7 is replaced with the head-end Km (Km_he).
Decryption, Kw_s and contract information_i of each subscriber in the CATV are obtained. Of these, Kw_s is stored in the IC card, while contract information_i is output to the outside as a response from the IC card. When the ECM is received, the head-end IC card decrypts the encryption using the stored Kw_s to obtain Ks and program attribute information. These are output to the outside as a response from the IC card. The output Ks and the attribute information of the program are transmitted to the Kw (Kw_Kw_
It is encrypted in (c) (Encryption II) and transmitted as CATV ECM. On the other hand, the EMM stores the CA in the contract information output from the head-end IC card for each card ID.
The Kw_c of the TV is added and the CAT is generated by the encryption means 29.
V encrypted with the master key Km_i of V
Construct and send an ATV EMM.

The configuration of the section transmitted by the CATV is the same as that of the section for directly receiving a digital satellite broadcast.
Same as the MM section. For this reason, the function and design of the STB are common to those of the IRD of satellite digital broadcasting, and the cost of the receiver can be reduced.

As described above, at the CATV head end, EMMs destined for all STBs subscribing to satellite digital broadcasting within the CATV are selectively received (filtered).
And transfers it to the IC card 35. After the data is transferred to the IC card 35, they are all decrypted with the same Km (Km_he). Filtering the EMM for all subscribers in the CATV before the transfer has no security problem in key management,
The filtering process needs to be performed at high speed. This part is a device placed at the head end of the CATV service provider, and is not required to be as simple as a general receiver, but is expected to be quite large. For this reason, in order to efficiently perform the processing of the card ID setting unit and the EMM filter unit, the card ID used for the STB for CATV (48 in the standard of satellite digital broadcasting) in operation.
It is effective to set the specific bit of (bit) as the CATV carrier code. That is, it is only necessary to extract only those having a specific bit matching the card ID and transfer the extracted bit to the IC card 35, which makes the ID collation operation extremely easy. Also, in consideration of the transfer time to the IC card, it is appropriate that the transmitting side of the satellite digital broadcast transmit the EMM to the STB in each CATV at a certain interval or more.

The EMM from the satellite broadcasting station to the receiver subscribed in the CATV can be collectively delivered to the head end using a communication line or the like without using the transmission line of the satellite broadcasting. In this case, since the reception is performed collectively at the head end, the burden on the satellite broadcasting transmission path side is reduced, but it is necessary to control the CATV side such as repetitive transmission to reliably receive the EMM (by the satellite broadcasting wave). In the case of distribution, since the data is generally repeatedly transmitted in advance, the data may be transmitted as received at the head end.)

Next, in order for each STB to receive the channel of the satellite digital broadcasting company and the channel of the CATV company with the same IC card via a cable, an EMM for receiving both channels is used. Must be managed in common. But card I
As the master key Km_i of each card for D, independent ones can be used by the satellite broadcasting company and the CATV company. In this case, the satellite broadcaster issues a corresponding headend KB to the STB subscribed within CATV.
Only m_he will be used and the other Km_i will be assigned to the IRD that receives satellites directly.

In the present invention, since the contents of the contract of each receiver in the CATV with the satellite broadcasting company appear in a state in which they are not encrypted at the head end, it is supposed that an illegal operation is performed here. As described above, this effect is limited to the CATV carrier concerned,
It does not affect the overall security, but if this security becomes a problem, the EMM is used with the encryption on the satellite broadcast side.
Need to be processed. FIG. 9 shows an example of a system configuration for realizing this. In the EMM to be encrypted on the broadcast station side, the card ID portion is not provided, and the other portions are encrypted by Kms_i in the S-CAS system. Without decoding ECM and EMM from satellite broadcast received at the headend,
Further, C-CAS is performed using the encryption means 36, 37, 38.
Encrypt with the method (Encryption II) and resend. In this case, in the IC card 15 (security module) in the STB, first, the ECM and EMM from the head end are decrypted (cryptographic decryption II) by the C-CAS method using the decryption means 39 and 40. When the EMM is that of a satellite digital broadcaster, encryption / decryption (encryption / decryption II) of the S-CAS method is further performed using the encryption / decryption means 41 and 42. In this method, the ECM does not perform decryption at the head end, and the KTV (Kw_Kw_
The encrypted data is transmitted in c). As for the EMM, the part received from the satellite broadcast is the part encrypted by the S-CAS method (KM for the i-th receiver in the S-CAS method).
(Encrypted with KMs_i) is again encrypted by the C-CAS method and transmitted to the cable. The key at this time is Kmc_i, which is the Km for the i-th receiver in the C-CAS system. In this method, it is necessary that at least a plurality of encryption algorithms of the C-CAS method and the S-CAS method and Km, that is, Kmc_i and Kms_i are mounted in a security module such as an STB IC card. In this method, Kw_ for decrypting the ECM re-encrypted with Kw_c on the cable side is further used.
It is necessary to send c to the STB, and an EMM for sending Kw_c by the encryption means 37 is separately added from the head end. This EMM is an EMM transmitted from the same satellite broadcast.
With the same card ID as Kmc_i and send. ST
In B, upon receiving the EMM addressed to itself, the EMM is transferred to the IC card and decrypted by the decryption means 40 using Kmc_i (cryptographic decryption II). If the received EMM is for transmitting Kw_c, it is stored in an IC card and used by the encryption / decryption means 39 for decrypting the ECM. If the received EMM is a re-encrypted version of the satellite broadcast EMM, the decrypted EMM is further decrypted with Kms_i by the decryption means 42 (cryptographic decryption I), and then the satellite broadcast is directly received. As with satellite broadcasting E
The CM is decrypted, the descrambling permission / non-permission is determined by the descrambling permission / non-permission determining unit 43 from the program attribute information and the contract contents, and the switch 44 is closed to output Ks.
In this method, although not shown in FIG. 9, control of a program unique to a CATV operator can be performed in the same manner by omitting the encryption / decryption I processing in the STB.

When the function of the conditional access system is used, an individual message can be sent to each receiver and displayed on a screen. In this case, the message is sent using the section of the EMM message, but in order to improve the transmission efficiency, the individual message addressed to each receiver is sent with the number of the fixed text to be displayed, and the actual message content is separately set to the fixed text number. There is a method of sending a message as a common message to all receivers marked with. When sending a message to a particular receiver by satellite digital broadcasting in such a manner, the receiver is re-transmitted CA
When in a TV, a mechanism for transferring related information at the head end is required. This can also be transmitted by the system of the embodiment shown in FIG. 1, for example. At this time, since the contents of the fixed text message common to all the receivers are standards that are not encrypted, the EMM message section is stored in the head end without any special processing.
Can be transferred to ATV. On the other hand, an individual message section indicating a fixed-form sentence number different for each receiver is encrypted with Km_i like the EMM, so that it is essentially the same as the EMM transmission described in the present invention. However, in the case of an EMM message, Kw for decrypting the ECM encryption is not sent, so that matters relating to the security of Kw are irrelevant and can be realized more easily than the problem of EMM transfer.

[0041]

According to the present invention, a signal broadcast using the first conditional access system on a first broadcast transmission line such as a satellite broadcast is received, and the signal is transmitted to a second broadcast transmission line such as a CATV. When retransmitting using the second conditional access system, the related information including information for individually controlling a receiver for receiving a signal from the second broadcast transmission path is impaired in security. You can transfer without.

[Brief description of the drawings]

FIG. 1 is a diagram showing a system configuration according to an embodiment of the present invention.

FIG. 2 is a diagram showing a basic system configuration of a conditional access system (CAS).

FIG. 3 is a diagram showing a conventional system configuration.

FIG. 4 is a diagram showing another conventional system configuration.

FIG. 5 is a diagram showing a configuration of a section for transmitting related information (ECM, EMM) in digital broadcasting.

FIG. 6 is a diagram illustrating a configuration example of a section for transmitting an EMM.

FIG. 7 is a diagram showing a configuration of an EMM section used in the present invention.

FIG. 8 is a diagram showing a configuration of an EMM section transmitted to a receiver.

FIG. 9 is a diagram illustrating a system configuration according to an embodiment of the present invention.

[Explanation of symbols]

1,11 Scrambler 2,12,27 Descrambler 3,4,13,14,28,29,36,37,38
Encryption means 5, 15, 35 IC card 6, 7, 16, 17, 22, 23, 32, 33, 39,
40, 41, 42 encryption / decryption means 8, 18, 24, 43 descrambling availability determination means 9, 19, 25, 44 switch 10, 20, 30 key management center 31 EMM filter 34 subscriber card ID setting unit

Claims (6)

[Claims] 1. A signal broadcasted using a first conditional access system on a first broadcast transmission path, and retransmitted on a second broadcast transmission path using a second conditional access system. In this case, the related information processing apparatus in a conditional access system that processes related information including information for individually controlling a receiver that receives a signal from the second broadcast transmission path, Among them, a first security processing means for performing security processing on key information common to all receivers and a second security processing means for performing security processing on information individual to each receiver are separately provided. A related information processing apparatus in a conditional access system. 2. The conditional access system according to claim 1, wherein said first security processing means does not output key information common to all said receivers to the outside in a decrypted state. Related information processing device. 3. A signal broadcasted using a first conditional access system on a first broadcast transmission path, and retransmitted on a second broadcast transmission path using a second conditional access system. In this case, the related information processing apparatus in a conditional access system that processes related information including information for individually controlling a receiver that receives a signal from the second broadcast transmission path, A first encrypting means for encrypting with a common key and transmitting the encrypted information to the first broadcast transmission path;
And a second encrypting means for transmitting the related information to a broadcast transmission path. 4. The receiver according to claim 3, wherein the related information includes identification information for identifying the receiver, and a part of the identification information is transmitted to each receiver that receives a signal from the second broadcast transmission path. An apparatus for processing related information in a conditional access system, which is common. 5. A signal broadcasted using a first conditional access system on a first broadcast transmission path, and retransmitted on a second broadcast transmission path using a second conditional access system. In this case, the related information processing apparatus in a conditional access system that processes related information including information for individually controlling a receiver that receives a signal from the second broadcast transmission path, The first of the related information received from the broadcast transmission path;
A first encrypting means for encrypting a portion encrypted by the conditional access system without decrypting the data by the second conditional access system and transmitting the encrypted portion to the second broadcast transmission line without decrypting the second conditional access system; And second encryption means for adding related information including a work key to be newly used, encrypting the information with a master key for each receiver, and transmitting the encrypted information to the second broadcast transmission path. Related information processing device in the conditional access system to be used. 6. A receiver for receiving a signal transmitted to the second broadcast transmission line by the processing device according to claim 5, wherein a master key for each receiver in the second conditional access system is used to transmit the received signal. A first decryption unit for decrypting the relevant information, and as a result of the decryption, when the related information encrypted by the first conditional access system is obtained, the related information is re-used by using the first conditional access system. And a means for processing the related information in the conditional access system.