CA2049083C - Information processing apparatus with replaceable security element - Google Patents

Information processing apparatus with replaceable security element Download PDF

Info

Publication number
CA2049083C
CA2049083C CA002049083A CA2049083A CA2049083C CA 2049083 C CA2049083 C CA 2049083C CA 002049083 A CA002049083 A CA 002049083A CA 2049083 A CA2049083 A CA 2049083A CA 2049083 C CA2049083 C CA 2049083C
Authority
CA
Canada
Prior art keywords
key
security element
data
information processor
authentication key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
CA002049083A
Other languages
French (fr)
Other versions
CA2049083A1 (en
Inventor
James Neil Esserman
Paul Moroney
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Arris Technology Inc
Original Assignee
General Instrument Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Family has litigation
First worldwide family litigation filed litigation Critical https://patents.darts-ip.com/?family=24273628&utm_source=google_patent&utm_medium=platform_link&utm_campaign=public_patent_search&patent=CA2049083(C) "Global patent litigation dataset” by Darts-ip is licensed under a Creative Commons Attribution 4.0 International License.
Application filed by General Instrument Corp filed Critical General Instrument Corp
Publication of CA2049083A1 publication Critical patent/CA2049083A1/en
Application granted granted Critical
Publication of CA2049083C publication Critical patent/CA2049083C/en
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0877Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891Revocation or update of secret information, e.g. encryption key update or rekeying
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/436Interfacing a local distribution network, e.g. communicating with another STB or one or more peripheral devices inside the home
    • H04N21/4367Establishing a secure communication between the client and a peripheral device or smart card
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/44Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream, rendering scenes according to MPEG-4 scene graphs
    • H04N21/4405Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream, rendering scenes according to MPEG-4 scene graphs involving video stream decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00Television systems
    • H04N7/16Analogue secrecy systems; Analogue subscription systems
    • H04N7/167Systems rendering the television signal unintelligible and subsequently intelligible
    • H04N7/1675Providing digital key or authorisation information for generation or regeneration of the scrambling sequence

Abstract

A field upgradeable security system deciphers signals received from a communication network. An information processor (10) include, a receptacle for receiving a replaceable security element (12). The replaceable security element generates a working key (WK) necessary to the operation of the information processor. The working key is communicated to the information processor encrypted under a secret key (A(M)). The information processor decrypts the encrypted working key for use in deciphering a received communication signal. additional layers of encryption (A(C), U(M), U(C)) can be added to the communications between the information processor and security element to increase the level of security.

Description

~~a~
The present a.nventian relates generally to security apparatus for information processing systems, and more particularly to apparatus far selectively controlling 'the deciphering of information signals, such as scrambled television programs.
There are many schemes available far controlling the remote descrambling of television signals. Such schemes are necessary ~to maintain security in subscription ~elevisian systems, including cable television systems and satellite television systems. Typically, a system subscriber is provided with a descrambler connected between a television signal source (e.g., cable feed ar satellite receiver) and a television set. Each subscriber's descrambler is remotely accessed by the system operator to enable or disable the receipt of specific services such as the Hame Box Office movie channel ax special pay°per°view sports events. One problem with such systems isthat "pirates" axe apt to break the system security and sel:L "black boxes°' that enable 'the reception of all prog~hmming without paying for the services received. Tt has been difficu:t.t and expensive fo:r system opera~tox~s to contend with the piracy problem. Once a particular
2 security system is breached, the system operator must usually replace all existing descramblers with new units that operate with a different security algorithm. This solution is not cost effective.
Various systems have been designed to make piracy more difficult. One such system is disclosed in U.S. patent 4,613,901 to Gilhousen, et al entitled "Signal Encryption and Distribution System for Controlling Scrambling and Selective Remote Descrambling of Television Signals", In the Gilhousen, et al system, a "working key" signal is generated in accordance with the well known data encryption standard ("DES") security algorithm, after the algorithm is keyed by either a common category key signal or some other key signal. A
unique encryption key stream is generated by processing an initialization vector signal in accordance with the DES algorithm when the algorithm is keyed by the working key signal. A television signal is scrambled in accordance with the unique encryption key stream to provide a scrambled television signal. A plurality of unique encrypted category key signals individually addressed to different selected subscribers' descramblers are generated by processing the initial common category key signal in accordance with the DES algorithm when the algorithm is keyed by a plurality of different "unit key"

signals associated with different descramblers. The scrambled television signal, initialization vector signal, and plurality of encrypted category key signals are broadcast to the descramblers. At each descrambler, the encryption key stream is reproduced 'to descramble the television signal, Each descrambler has its unique unit key signal stored in memory for use in reproducing the cammon category key signal when the descrambler is addressed by its unique encrypted category key signal. 1By using the DES algorithm, the Gilhousen, e~t as system provides a high level of security, making it difficult and expensive for a pirate to reproduce the working key.
other selective subscription descrambling systems are disclosed in ~ilhousen, et al U.S.
Patents 4,712,238 and 4,792,973. These patents provide improved systems.for enabling descrambling of a received scrambled signal on an impulse-purchase basis. U.S. Patemt 4,634,808 to Moerder discloses a system for reproducing a key signal in a descrambler that is unique to the descrambler, and was used in encrypting a key signal that must be decrypted for use in descrambling a television signal. However, no security system is unbreakable, and determined pirates can be expected to ultimately prevail.
Tt would be advantageous to provide an improved system in which security can be economically upgraded after a breach. It would be furtYaer advantageous if the security upgrades could be made in the field lay the simple replacement of a relatively low cost security element containing a new security algorithm. The security element should be replaceable by a subscriber in his home without any need for a visit from service personnel.
It would also be advantageous to protect ttie interface between the subscriber's descrambler and the replaceable security element, so that others could not easi7.y manufacture their own security elements to defeat the system or to use the descrambler for other unauthorized purposes. If the wrong security element .is installed, the descrambler must not work.
The present invention provides an upe~radeable security system, an information processor, and a replaceable security element that enjoy 'the aforementioned advantages.

~~~~«
Tn accordance with the present invention, a field upgradeable security system is,provided for deciphering signals received from a communication network. An information processor includes a receptacle for receiving a replaceable security elamewt. The replaceable security element includes means for generating a working key, means for encrypting the working key with a secret key, and means for communicating the encrypted working key to the information processor. The information processor decrypts the encrypted working key for use in deciphering a received communication signal..
Tn a preferred embodiment, the secret key comprises a first authentication key associated with the information processor. the first authentication key is securely communicated to the security element for use in encrypting the caorking key. A second authentication key is associated with the security ~0 element. Means are provided for securely communicating the second authentication key to the information processor. The security element then encrypts the working key with both 'the first and second authentication keys.
The information processor can further comprise a first unit key associated therewith and means for receiving the second authentication key encrypted under the first unit key. Means are provided for decrypting the received second authewtication key VJ
for subsequent use in decrypting the working key.
Similarly, the security element can comprise a second unit key associated therewith and means for receiving the first authentication key encrypted under the second unit key. The rece~.ved first authentication key is decrypted by the security element for subsequent use in encrypting the working key prior to communicating it to the information processor.
Tn order to generate the working key, the security element requires input data that can be securely communicated to it via the information processor. The informatx.on .processor receives the data in an encrypted form from a °°trusted center", decrypts it at least in part, and then further encrypts it for communication to the security element. In a preferred embodiment, the data is received by the information processor encrypted under at least the second unit key, and communicated from the information processor to the security element under the second unit key and at least one of the authentication keys.
In another embodiment, a replaceable security element is provided for use in combination with era z5 information processor having a secret cryptographic key. The security element receives data for use z.n generating a working lr.ey. ~.Clae security e~.emewt:
receives the secret key via an encrypted communication, and decrypts the secret key for use in encrypting the working key. The encrypted working key is 'than communicated to the information processor by the security element for use in processing an information signal. In a preferred implementation, the secret key is received by the security element encrypted under a unit key associated therewith. An additional cryptographic key may be associated with the security element, and the working key may be encrypted with both the secret and additional keys. The data received by the security element for use in generating the working key may also be encrypted under at least one of 'the secret and unit keys. :In this event, the security element comprises means for decrypting the received data.
An information processor is provided for use in combination with a replaceable security element.
Means are provided within the information processor for receiving the security element. A secret cryptographic key is associated with and stored in the information processor. Means are provided far receiving a working key, encrypted under the secrwt:
key, from the security elemewt. The received working key is decrypted and used to process an information signal. Tn a preferred embodiment, an additional cryptographic 3cey associated with the security element is received and stored. ~.L'he received working key is encrypted under the secret key and the additional key for decryption and use by the information ,processor.

%~~
The information processor can also include means for receiving data for use by the security element in generating the working key. Means are provided for communicating the data to the security element. Means may also be provided for encrypting the data under one or both of the secret and additional keys before it is communicated to the security element.
Tkae information processor can further comprise means for receiving and storing characteristic information (e.g., an address) identifying the security element and means for screening the received data, on the basis of the characteristic information, for selective communication to the security element. The information signal processed by the information processor can comprise a scrambled communication signal to be descrambled.
Means can be provided for enabling and disabling the security element in response to a received control ~0 signal, and for descrambling eommunica~tion signals according to a default descrambling algorithm ira the absence of an enabled security element.

b>~ . v ~'~ ~~ ~~ ~:~ ~ ~3 a~
Figure 1 is a block diagram illustrating an information processor and replaceable security e7.ement in accardance with the present invention;
k'igure 2 is a diagram illustrating the information flaw to 'the informatian processor and the security element during initialization of a new security elements and Figure 3 is a diagram illustrating the information flow of data to the information processor and security element and the communication of the encrypted working key from the security element to the information processor in accordance with the present inventions The present invention provides a system for recovering from security compromises in an information processing system, such as a satellite television communication network. Ifi an illustrated 5 embodiment, a replaceable security element is coupled to a satellite television descrambler for use in generating working keys that are subsequently communicated to the descrambler to enable the descrambling of received signals. The security 10 element is a relatively low cost device that is replaced with a new security element operating with a different security algorithm each time a prior security element on its algorithm has been breached.
The security element can comprise, for example, a credit card sized "smart card" or a cartridge containing a microprocessor based working key generator together with various supporting components.
Turning to Figure 1, an information processor ("module") generally designated 10 is provided. Information processor 10 can comprise a descrambler module such as the VideoCipher II Plus'D°
descrambler module manufactured by General Instrument Corporation for use in connection with the VideoCipher line of satellite receivers.
Information processor 10 includes all of the components of the VideoCipher II Plus' descrambler module, including a microprocessor 14 and ROM 16 for storing program instructions for the microprocessor.
A cryptographic processor ("crypto") 24 is also provided in the VideoCipher II Pluses descrambler module, coupled to microprocessor 14 via bus 18, for effecting signal descrambling on the basis of a working key signal as set forth in the aforementioned Gilhousen, et al U.S. Patent 4,613,901.
In accordance with the present invention, information processor 10 also includes several new components. These are a key and address random access memory ("RAM") 20 and a message filter and interface circuit 22. Key and address RAM 20 stores a secret key for the information processor and a unique address assigned to a security element generally designated 12.
Message filter and interface 22 uses the security element address stored in RAM 20 to determine what messages received from the communication network (e. g., satellite television system) at input terminal 11 are specifically addressed to security element 12. The message filter discards all messages not intended for its associated security element 12.
It should be appreciated that other methods exist for providing messages to specific security elements. For example, data sent to a security element by a trusted center can be communicated to the associated information processor with instructions for passing the data on to the security element. The data itself can be encrypted under the information processor unit key to prevent its use by any other information processor and security element combination.

Information processor 10 and security element 12 are connected via signal path 26 and their respective interfaces 22, 36. Signals flowing from information processor i0 to security element 12 include 'the data required by the security element to generate working keys and data identifying a secret "authentication" key uniquely associated with the information processor. In a preferred embodiment, security element 12 also has its own authentication key, which can be preloaded upon manufacture or subsequently received by the security element via path 26 from data input to the information processor at terminal 11. The working keys required by crypto 24 to descramble an information (e. g., television) signal are also communicated over path 26, from security element 12 to information processor 10.
Tn accordance with the present invention, the working keys are encrypted by security element 12 with the secret authentication )cey of information processor 10. The encryption of the working keys with the information processor's secret key provides a substantial advantage in the presewt system. In particular, a security element that does not know the information processor's secret authentication key will be unable to properly encrypt working keys for txse by crypto 24. Fven if a security element were provided that could generate the necessary worlcing keys, there would be no way to intelligibly 'transfer the working keys to the infor~na~tion processor without knowledge of the secret key. Any information that an improper security element transferred to information processor 10 withowt encryption under the secret key would be processed by crypto 24, but would not result in a properly descrambled signal. Therefore, there is no need to disable information processor ~.p if an unauthorised security element is connected to it. If the wrong security element is installed, the system simply 1o will not work.
Security element 12 includes a cryptographic processor 34 that operates in combination with a microprocessor "working key generator" 28 to provide the working keys. Those skilled in the art will appreciate that the functions of working key generator 28 and cryptographic processor 34 can be provided in a single microprocessor. Data for generating the working keys, which can comprise, for example, a category key and program key transmitted by a trusted center as disclosed in the aforementioned U.S. Patent 4,613,901, is preferably received via path 26 in an encrypted Norm. Crypto 34 decrypts the encrypted data and passes it to working key generator 28 via bus 32. Program instructions containing the security algorithm used by working key generator 28 are stored in Rohl 30.
It is noted that the security a:Lgorithm could alternately be contained in special purpose trardware ~tha~t is part. of 'the working key generator. .An example of a known security algorithm is the DES
algorithm previously mentioned. New security algorithms will be developed for each version of security element that is used to replace a prior version breached by a pirate. In this manner, each time a pirate breaks a system, all that the system operator has to do is to send out new security elements to all authorized subscribers. The subscribers replace the old security element with the new one, and once the existing subscriber base has been upgraded all signals for the breached system are terminated. A pirate will then have to break the new system, at which time it will be replaced by a subsequent system.
During the transition from an old security system to a new security system, authorization signals can be transmitted for both systems. Alternately, crypto 24 in information processor 10 can resort to a default descrambling algorithm until all subscriber units have been upgraded. The default algorithm can be one previously used in existing VideoCipher II Plus descrambler modules.
Nonvolatile memory (e. g., key RAM 38) is provided in security element 12 to store the secret authentication key of information processor 10 for use by crypto 34, e.g., in encrypting the working keys prior to transmission via interface 36 and path 26 to information processor 10. Key RAM 38 will also store any other keys necessary in the specific implementation used by security element 12, such as a unique unit key and/or authentication lc.ey associated with the security element. :Power for security element 12 can be provided by a battery contained 'therein or from a power supply in information processor 10 via path 2~.
When it becomes necessary to implement a security upgrade, each subscriber is provided with a new security element. Upon installation of the new security element, an initialization routine takes place. This can be effected, for example, by instructing the subscriber to call a toll free telephone number to enable 'the receipt of an initialization message from a trLls'ted center via 'the satellite receiver. This is referred to as "remote initialization". Alternately, the security element andfor information processor can be programmed to automatically request (e. g., via a telephone modem) remote initialization upon installation of a new security element. :fin a different embodiment, the security element is pre-initialized with the necessary initialization data by the system operator prior to sending it to 'the subscriber.
The flow of information to the information processor and security element during remote initialization is illustrated in Figure 2. At ini~tializa~tion, the cryptographic processor 2,4 of information processor 10 will receive a message instructing it to ga into security elemc-ant support as~~~~~t~~
z s ~~ r mode. Tf the specific implementation provides for message filtering by 'the information processor on the basis of a security element address, the security element's address (SE address) will also be received. Tn addition, a security element authentication key (A(C)) encrypted under a unit key (U(M)) uniquely assigned to the information processor will be received. These signals are indicated at box 40.
Crypto 24 will decrypt the security element°s authentication key and store it in secure RAM 20.
Tt will also store the security element's address in RAM 20 if required for subsequent message filtering.
The remote initialization message will also ~.5 contain a unit addressed message to crypto processor 34 of security element 12 containing the information processor's secret authentication key (A(M)) encrypted under~a unit key (U(C)) assigned to the security element. In the event remote initialization is not used, all of the necessary initialization data will be loaded into the security element prior to forwarding it to the subscriber.
Tmmediately,after initialization, the data necessary to enable the security element to generate the working keys required by crypto 24 will be transmitted via satellite or other means (e. g., telephone), to enable authorized television signals to be descrambled. Tn the event remote in9.~tialization is not used, information not frequently broadcast (i.e., the category key) can be sent ahead of time and stored by the information processor for later transfer to the security element.
An information processor can be remotely placed into "stand alone" mode, for use without security element 12. In this mode, it will operate functionally in the same manner as known VideoCipher II Pluses descrambler modules, except that in remote initialization situations, it will always look for security element initialization messages that are addressed to it.
When the information processor receives a remote initialization message to enable security element support mode, it must decrypt the security element's authentication key (A(C)) and store it in nonvolatile secure memory (e.g., key and address RAM 20) as indicated at box 42 of Figure 2. The information processor must also store the security element's unit address in nonvolatile memory 20, for implementations where security element addressable message filtering is provided. It will then pass its own authentication key (A(M)) encrypted by the security element unit key (U(C)) to the security element, which will decrypt the module authentication key and store it in key RAM 38 as indicated at box 44. Crypto 24 will then function in security element support mode.

When crypts ~4 is in security element support mode, its funotional.i~ty changes. :C~:. will receive and process messages far both itself and fox crypts 34 of the security element, and will also receive and process 'the data needed by the security element far use in generating the working keys. If -the information processor receives a message to return to stand alone mode, it will do sa and disable the security element interface.
In a preferred embodiment, all secure values that cross the interface between the information processor and security element are encrypted (or decrypted) by the authentication keys of both 'the information praeessor and the security element. 1'he status of the secure values passed 'to the in.farmation processor and between the infarmatian processor and the security elememt are illa.astrated in Figure 3. ~1s can be seen, when information processor 10 receives a "category key" ("GIC") resessage (bores 50, 52), which key is part of the data used by the security element to generate working keys, it must decrypt the exacrypted category key (EutM'Du<u> (CK) ) using its own unit key (U (M) ) . and then it must decrypt the result under its own authentication key (A(M)) (which is known to the security element) before passing this field out 'to the security element (bn~c 54). mhe second decryption (Dp(ht) (~ucc~ (C~) ) ) is used to protect data and is not actually doing tkie :i.x~verse of a previous encrypt.

In a similar manner, the information processor must decrypt the category encrypted program keys (EcK(PIC)), which are used by the security elemewt to generate working keys, by both its awthentication key (A(M)) and the security element's authentication key (A(C)) before communicating the message to security element 12. This is depicted at box 54.
A frame count message (additional data used in generating the working keys) goes out to the security element without encryption as indicated at box 54.
The only values that are communicated by the security element to 'the information processor, as indicated at trae outpwt of box 56, are encrypted working keys. As shown, the working keys are encrypted under both the security element's authentication key (A(C)) and the information processor's authentication key (A(M)). Information processor crypto 24 must decrypt 'the working keys by its own authentication key and then by the security element's authewtication key. Tt then passes the clear working key to initialize key stream generation in a conwemtional manner. Since the working key is receiued by crypto 24 encrypted by the information processor°s secret authentication key, there is no way to breach the interface wit:kZaut knowledge of the secret authentication lcey. When in the security element support mode, the informat:Lon processor crypto 24 must always decrypt incoming working keys.

a As should be apparent, the only fob of the security element is 'to produce encrypted working keys. Because of its limited funct.i.onality, it can be manufactured at a l.ow cost. The derivation of 5 working keys from the data forwarded to 'the security element will depend on the particular security algorithm used. 'this algorithm should be different for every version of the security element, to maintain the difficulty of breaking each new 10 version.
Tt should now be appreciated that 'the present invention provides a field upgradeable security system that can be used for deciphering signals received from a communication network. As one 15 version of security is breached, a new version is implemented by replacing loca cost security elements that provide working keys to an information processor. Ttae working keys are communicated fram the security element to the information processor in 20 an encrypted form under a secret key known only ~to the information processor and an awthorized security element. In order to obtain the secret key, the unit key of the security element must be correct, since the secret key is communicated to the security element encrypted under the unit key.
Although the invention has been described in connection with a specific embodimewt thereof, those skilled irz the art will appreciate that numerous ~~~~a~~' adaptations and modifications may be made thereto, withotx~t departing from the spirit and ucope of the invention, as set forth in the fol7.owing claims.

Claims (36)

THE EMBODIMENTS OF THE INVENTION IN WHICH AN EXCLUSIVE
PROPERTY OR PRIVILEGE IS CLAIMED ARE DEFINED AS FOLLOWS:
1. A field upgradeable security system for processing signals comprising:
an information processor (10) having:
a receptacle (26) for receiving a replaceable security element (12):
means (11) for receiving data in an encrypted form;
means (14,20,24) for at least partially decrypting the received data; and means (22,26) for communicating the at least partially decrypted, received data to said security element for use in generating a working key;
said replaceable security element (12) including:
means (28) for generating said working key;
means (34) for encrypting said working key with a secret key; and means (36,26) for communicating the encrypted working key to said information processor for decryption and use in processing a signal.
2. A system in accordance with claim 1 wherein said information processor comprises:
means (14,20,20 for further encrypting said data before communicating it to said security element.
3. A system in accordance with claim 2 wherein:
said secret key comprises a first authentication key (A(M)) assigned to said information processor;
said means for further encrypting encrypts said data under said first authentication key before communicating it to said security element; and said security element includes means for decrypting said data with said first authentication key.
4. A system in accordance with claim 3 wherein:
said security element includes a second authentication key (A(C)) assigned thereto; and said means for further encrypting encrypts said data under said second authentication key and said first authentication key before communicating it to said security element.
5. A system in accordance with claim 2 wherein:
said security element includes an authentication key (A(C)) assigned thereto; and said means for further encrypting encrypts said data under said authentication key before communicating it to said security element.
6. A system in accordance with claim 1 wherein:
said data is received by the information processor encrypted under a first unit key (U(M)) assigned to said information processor and a second unit key (U(C)) assigned to said security element;
said information processor partially decrypts said data with said first unit key;
the partially decrypted data is communicated to said security element still encrypted under said second unit key; and said security element decrypts said data with said second unit key for use in generating said working key.
7. A system in accordance with claim 6 wherein:
said secret key comprises a first authentication key (A(M)) assigned to said information processor;
said information processor comprises means for further encrypting said data under said first authentication key before communicating it to said security element; and said security element includes means for decrypting said data with said first authentication key.
8. A system in accordance with claim wherein:
said security element includes a second authentication key (A(C)) assigned thereto; and said means for further encrypting encrypts said data under said second authentication key before communicating it to said security element.
9. A system in accordance with claim 6 wherein:
said security element includes an authentication key (A(C)) assigned thereto; and said information processor comprises means for encrypting said data under said authentication key before communicating it to said security element.
10. A system in accordance with claim 1 wherein said security element further comprises:
an authentication key (A(C)) assigned thereto; and means for encrypting said working key with said authentication key in addition to said secret key for communication to said information processor;
wherein said information processor includes means for decrypting said working key with both said authentication key and said secret key.
11. A field upgradeable security system for processing signals comprising:

an information processor (10) having a secret first authentication key (A(M)) assigned thereto aced a receptacle (26) for receiving a replaceable security element (12);
said replaceable security element including:
a second authentication key (A(C)) assigned thereto, means (28) for generating a working key, means (34) for encrypting said working key with said first authentication key and said second authentication key, and means (36,26) for communicating the encrypted working key to said information processor;
wherein said information processor includes:
means (14,20,24) for decrypting the encrypted working key for use in processing a signal.
12. A system in accordance with claim 11 wherein said security element includes:
a unit key (U(C)) assigned thereto;
means (26,36) for receiving data from said information processor encrypted under said unit key;
and means (34) for decrypting said data with said unit key fox use in generating said working key.
13. A system in accordance with claim 12 wherein:
said information processor comprises means (14,20,24) for encrypting said data under said first authentication key before communicating it to said security element; and said security element includes means (34) for decrypting said data with both said unit key and said first authentication key.
14. A system in accordance with claim 13 wherein:
said information processor comprises means (14,20,24) for encrypting said data under said second authentication key before communicating it to said security element; and said security element includes means (34) for decrypting said data with said unit key, said first authentication key, and said second authentication key.
15. A system in accordance with claim 12 wherein:
said information processor comprises means (14,20,24) for encrypting said data under said second authentication key before communicating it to said security element; and said security element includes means (34) for decrypting said data with said unit key and said second authentication key.
16. A system in accordance with claim 11 wherein:
said information processor comprises means (14,20,24) for encrypting said data under said first authentication key before communicating it to said security element; and said security element includes means (34) for decrypting said data with said first authentication key fox use in generating said working key.
17. A system in accordance with claim 16 wherein:
said information processor comprises means (14,20,24) for encrypting said data under said second authentication key before communicating it to said security element; and said security element includes means (34) for decrypting said data with said first authentication key and said second authentication key,
18. A system in accordance with claim 11 wherein:
said information processor comprises means (14,20,24) for encrypting said data under said second authentication key before communicating it to said security element; and said security element includes means (34) for decrypting said data with said second authentication key.
29 1.9. A replaceable security element, for use in combination with an information processor having a secret cryptographic key, comprising:
means (28) for generating a working key for use by said information processor in processing a signal;
means (26,36) for receiving said secret key;
means (34) for encrypting said working key with said secret key and an authentication key (A(C)) associated with said replaceable security element; and means (36,26) for communicating the encrypted working key to said information processor.
20. A security element in accordance with claim 19 further comprising:
means (26,36) for receiving data encrypted under a unit key (U(C)) assigned to said security element, and means (34) for decrypting the encrypted data with said unit key for use in generating said working key.
21. A security element in accordance with claim 20 wherein said data is received encrypted under said unit key and said secret key, and said decrypting means decrypt the encrypted data with both said unit key and said secret key for use in generating said working key.
22. A security element in accordance with claim 21 wherein said data is received encrypted under said unit key, said secret key, and said authentication key, and said decrypting means decrypt the encrypted data with said unit key, said secret key and said authentication key for use in generating said working key.
23. A security element in accordance with claim 20 wherein said data is received encrypted under said unit key and said authentication key, and said decrypting means decrypt the encrypted data with said unit key and said authentication key for use in generating said working key.
24. A security element in accordance with claim 19 further comprising:
means (26,36) for receiving data encrypted under said secret key, and means (34) for decrypting the encrypted data with said secret key for use in generating said working key.
25. A security element in accordance with claim 24 wherein said data is received encrypted under said secret key and said authentication key, and said decrypting means decrypt the encrypted data with said secret key and said authentication key for use in generating said working key.
26. A security element in accordance with claim 19 further comprising:

means for receiving data encrypted under said authentication key, and means for decrypting the encrypted data with said authentication key for use in generating said working key.
27. An information processor, for use in combination with a replaceable security element, comprising:
an interface (22,26) for receiving a replaceable security element;
means (11) for receiving data in an encrypted form;
means (14,20,24) for partially decrypting the received data; and means (14,22,26) for communicating the partially decrypted, received data via said interface to said security element for use in generating a working key.
28. An information processor in accordance with claim 27 comprising:
means (14,20,24) for further encrypting said partially decrypted data before communicating it to said security element.
29. An information processor in accordance with claim 28 further comprising:
a secret key (A(M)) assigned to said information processor;

wherein said partially decrypted data is further encrypted under said secret key before communicating it to said security element.
30. An information processor in accordance with claim 29 wherein:
said partially decrypted data is further encrypted under an authentication key (A(C)) assigned to said security element before communicating it to said security element.
31. An information processor in accordance with claim 28 wherein:
said partially decrypted data is further encrypted under an authentication key (A(M)) assigned to said security element before communicating it to said security element.
32. An information processor in accordance with claim 27 wherein:
said data is received encrypted under a first unit key (U(M)) assigned to said information processor and a second unit key (U(C)) assigned to said security element;
said information processor partially decrypts said data with said first unit key; and the partially decrypted data is communicated to said security element still encrypted under said second unit key.
33. An information processor in accordance with claim 32 further comprising:

a secret key (A(M)) assigned to said information processor; and means (14,20,24) for further encrypting said partially decrypted data under said secret key before communicating it to said security element.
34. An information processor in accordance with claim 33 wherein:
said partially decrypted data is further encrypted under an authentication key (A(C)) assigned to said security element before communicating it to said security element.
35. An information processor in accordance with claim 32 wherein:
said partially decrypted data is further encrypted under an authentication key (A(C)) assigned to said security element before communicating it to said security element.
36. An information processor, for use in combination with a replaceable security element, comprising:
means (22,26) for receiving a working key from said replaceable security element (12), said working key encrypted with a first authentication key (A(M)) assigned to said information processor and a second authentication key (A(C)) assigned to said security element, and means (14,20,24) for decrypting the encrypted working key for use in processing a signal.
CA002049083A 1990-08-17 1991-08-13 Information processing apparatus with replaceable security element Expired - Lifetime CA2049083C (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US07/568,990 1990-08-17
US07/568,990 US5111504A (en) 1990-08-17 1990-08-17 Information processing apparatus with replaceable security element

Publications (2)

Publication Number Publication Date
CA2049083A1 CA2049083A1 (en) 1992-02-18
CA2049083C true CA2049083C (en) 2000-01-25

Family

ID=24273628

Family Applications (1)

Application Number Title Priority Date Filing Date
CA002049083A Expired - Lifetime CA2049083C (en) 1990-08-17 1991-08-13 Information processing apparatus with replaceable security element

Country Status (11)

Country Link
US (1) US5111504A (en)
EP (1) EP0471373B1 (en)
JP (1) JP2930149B2 (en)
KR (1) KR100188425B1 (en)
AT (1) ATE185461T1 (en)
AU (1) AU632704B2 (en)
CA (1) CA2049083C (en)
DE (1) DE69131680T2 (en)
ES (1) ES2137923T3 (en)
IE (1) IE912876A1 (en)
NO (1) NO179160C (en)

Families Citing this family (101)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5237610A (en) * 1990-02-01 1993-08-17 Scientific-Atlanta, Inc. Independent external security module for a digitally upgradeable television signal decoder
JP3065738B2 (en) * 1991-10-11 2000-07-17 株式会社東芝 Computer system
FI94008C (en) * 1992-09-04 1995-06-26 Salon Televisiotehdas Oy Decoder system for a video signal
US5367516A (en) * 1993-03-17 1994-11-22 Miller William J Method and apparatus for signal transmission and reception
US5995539A (en) * 1993-03-17 1999-11-30 Miller; William J. Method and apparatus for signal transmission and reception
US6771617B1 (en) 1993-06-17 2004-08-03 Gilat Satellite Networks, Ltd. Frame relay protocol-based multiplex switching scheme for satellite mesh network
US5434850A (en) 1993-06-17 1995-07-18 Skydata Corporation Frame relay protocol-based multiplex switching scheme for satellite
ATE189570T1 (en) * 1994-02-24 2000-02-15 Merdan Group Inc METHOD AND DEVICE FOR ESTABLISHING A CRYPTOGRAPHIC CONNECTION BETWEEN ELEMENTS OF A SYSTEM
US5787172A (en) * 1994-02-24 1998-07-28 The Merdan Group, Inc. Apparatus and method for establishing a cryptographic link between elements of a system
US5426701A (en) * 1994-02-28 1995-06-20 General Instrument Corporation Of Delaware Cable television converter box with a smart card connector underneath
US6298441B1 (en) 1994-03-10 2001-10-02 News Datacom Ltd. Secure document access system
IL111151A (en) * 1994-10-03 1998-09-24 News Datacom Ltd Secure access systems
ES2117495B1 (en) * 1994-05-18 1999-04-01 Penta 3 S A CRYPTOGRAPHIC SYSTEM.
EP0765560A1 (en) 1994-06-08 1997-04-02 Hughes Aircraft Company Apparatus and method for hybrid network access
US6473793B1 (en) * 1994-06-08 2002-10-29 Hughes Electronics Corporation Method and apparatus for selectively allocating and enforcing bandwidth usage requirements on network users
US6701370B1 (en) 1994-06-08 2004-03-02 Hughes Electronics Corporation Network system with TCP/IP protocol spoofing
AU684184B2 (en) * 1994-06-15 1997-12-04 Thomson Consumer Electronics, Inc Smart card message transfer without microprocessor intervention
DE4420970A1 (en) * 1994-06-16 1995-12-21 Esd Vermoegensverwaltungsgesel Decryption device for decryption algorithms and method for performing the encryption and decryption thereof
MY125706A (en) * 1994-08-19 2006-08-30 Thomson Consumer Electronics High speed signal processing smart card
EP0787391B1 (en) * 1994-09-09 2002-01-23 The Titan Corporation Conditional access system
US5699384A (en) * 1994-11-14 1997-12-16 Hughes Electronics Apparatus and method for satellite receiver computer adaptor card
US5652795A (en) * 1994-11-14 1997-07-29 Hughes Electronics Method and apparatus for an adapter card providing conditional access in a communication system
US5727065A (en) * 1994-11-14 1998-03-10 Hughes Electronics Deferred billing, broadcast, electronic document distribution system and method
KR100332743B1 (en) 1994-11-26 2002-11-07 엘지전자주식회사 Device and method for preventing illegal copy or unauthorized watching of digital image
US5485577A (en) * 1994-12-16 1996-01-16 General Instrument Corporation Of Delaware Method and apparatus for incremental delivery of access rights
US5604801A (en) * 1995-02-03 1997-02-18 International Business Machines Corporation Public key data communications system under control of a portable security device
US5619574A (en) * 1995-02-13 1997-04-08 Eta Technologies Corporation Personal access management system
US5694472A (en) * 1995-02-13 1997-12-02 Eta Technologies Corporation Personal access management system
US5689564A (en) * 1995-02-13 1997-11-18 Eta Technologies Corporation Personal access management system
US5692049A (en) * 1995-02-13 1997-11-25 Eta Technologies Corporation Personal access management system
US5682428A (en) * 1995-02-13 1997-10-28 Eta Technologies Corporation Personal access management system
US5778068A (en) * 1995-02-13 1998-07-07 Eta Technologies Corporation Personal access management system
US5696825A (en) * 1995-02-13 1997-12-09 Eta Technologies Corporation Personal access management system
US5610980A (en) * 1995-02-13 1997-03-11 Eta Technologies Corporation Method and apparatus for re-initializing a processing device and a storage device
SG73580A1 (en) * 1995-05-12 2000-06-20 Macrovision Corp Video media security and tracking system
US5852290A (en) * 1995-08-04 1998-12-22 Thomson Consumer Electronics, Inc. Smart-card based access control system with improved security
US6035037A (en) * 1995-08-04 2000-03-07 Thomson Electronic Consumers, Inc. System for processing a video signal via series-connected high speed signal processing smart cards
US5805702A (en) * 1995-09-29 1998-09-08 Dallas Semiconductor Corporation Method, apparatus, and system for transferring units of value
US5638448A (en) * 1995-10-24 1997-06-10 Nguyen; Minhtam C. Network with secure communications sessions
US5689566A (en) * 1995-10-24 1997-11-18 Nguyen; Minhtam C. Network with secure communications sessions
JPH09233066A (en) 1996-02-23 1997-09-05 Sony Corp Encryption/decryption method and its device
ATE196398T1 (en) 1996-03-18 2000-09-15 News Datacom Ltd CHIP CARD COUPLING FOR PAY-TV SYSTEMS
HRP970160A2 (en) * 1996-04-03 1998-02-28 Digco B V Method for providing a secure communication between two devices and application of this method
JP3783800B2 (en) * 1996-08-09 2006-06-07 富士通株式会社 Encryption / decryption device and method using programmable logic device / device
US5802175A (en) * 1996-09-18 1998-09-01 Kara; Salim G. Computer file backup encryption system and method
US5898680A (en) * 1996-11-05 1999-04-27 Worldspace, Inc. System for providing location-specific data to a user
FR2755809B1 (en) * 1996-11-13 1999-05-28 Thomson Multimedia Sa METHOD FOR PROTECTING INFORMATION TRANSMITTED FROM A SECURITY ELEMENT TO A DECODER AND PROTECTION SYSTEM USING SUCH A METHOD
US6178242B1 (en) 1997-02-07 2001-01-23 Nds Limited Digital recording protection system
IL120174A (en) * 1997-02-07 1999-10-28 News Datacom Ltd Digital recording protection system
US6064989A (en) * 1997-05-29 2000-05-16 Pitney Bowes Inc. Synchronization of cryptographic keys between two modules of a distributed system
US5991879A (en) * 1997-10-23 1999-11-23 Bull Hn Information Systems Inc. Method for gradual deployment of user-access security within a data processing system
US7778418B1 (en) * 1998-01-08 2010-08-17 Samsung Electronics Co., Ltd. System and method for copy protection for digital signals
JP3659791B2 (en) * 1998-03-23 2005-06-15 インターナショナル・ビジネス・マシーンズ・コーポレーション Method and system for generating a small time key
KR100311200B1 (en) * 1998-12-08 2002-02-19 성재갑 Low Viscosity Mini Emulsion Cosmetic Composition With Ceramide
US6934255B1 (en) 1999-02-02 2005-08-23 Packeteer, Inc. Internet over satellite apparatus
US7058803B2 (en) 2002-05-22 2006-06-06 Broadcom Corporation System and method for protecting transport stream content
WO2000057290A1 (en) * 1999-03-19 2000-09-28 Hitachi, Ltd. Information processor
US7730300B2 (en) * 1999-03-30 2010-06-01 Sony Corporation Method and apparatus for protecting the transfer of data
US6697489B1 (en) 1999-03-30 2004-02-24 Sony Corporation Method and apparatus for securing control words
AU5730200A (en) * 1999-06-08 2000-12-28 General Instrument Corporation Cryptographic processing system
US7039614B1 (en) 1999-11-09 2006-05-02 Sony Corporation Method for simulcrypting scrambled data to a plurality of conditional access devices
JP2001318768A (en) * 2000-03-02 2001-11-16 Sony Computer Entertainment Inc Entertainment device, component therefor, method for loading digital information with entertainment device and computer program
EP1134977A1 (en) * 2000-03-06 2001-09-19 Irdeto Access B.V. Method and system for providing copies of scrambled content with unique watermarks, and system for descrambling scrambled content
JP2002014872A (en) * 2000-06-29 2002-01-18 Fujitsu Ltd Cipher controller
US8140859B1 (en) 2000-07-21 2012-03-20 The Directv Group, Inc. Secure storage and replay of media programs using a hard-paired receiver and storage device
TW571245B (en) * 2000-09-15 2004-01-11 Nagracard Sa Multi-ports card
US7231044B2 (en) * 2000-10-11 2007-06-12 Digital Authentication Technologies, Inc. Method and apparatus for real-time digital certification of electronic files and transactions using entropy factors
US20020048371A1 (en) * 2000-10-24 2002-04-25 Ryuichi Iwamura Method and system for secure digital decoder with secure key distribution
US20020146125A1 (en) * 2001-03-14 2002-10-10 Ahmet Eskicioglu CA system for broadcast DTV using multiple keys for different service providers and service areas
US7280658B2 (en) * 2001-06-01 2007-10-09 International Business Machines Corporation Systems, methods, and computer program products for accelerated dynamic protection of data
US7139398B2 (en) 2001-06-06 2006-11-21 Sony Corporation Time division partial encryption
US7895616B2 (en) 2001-06-06 2011-02-22 Sony Corporation Reconstitution of program streams split across multiple packet identifiers
US7747853B2 (en) 2001-06-06 2010-06-29 Sony Corporation IP delivery of secure digital content
US6735264B2 (en) 2001-08-31 2004-05-11 Rainmaker Technologies, Inc. Compensation for non-linear distortion in a modem receiver
US7173966B2 (en) * 2001-08-31 2007-02-06 Broadband Physics, Inc. Compensation for non-linear distortion in a modem receiver
US7409562B2 (en) * 2001-09-21 2008-08-05 The Directv Group, Inc. Method and apparatus for encrypting media programs for later purchase and viewing
US7823174B2 (en) 2002-01-02 2010-10-26 Sony Corporation Macro-block based content replacement by PID mapping
US7765567B2 (en) 2002-01-02 2010-07-27 Sony Corporation Content replacement by PID mapping
US20030131349A1 (en) * 2002-01-04 2003-07-10 General Instrument Corporation Methods and systems for managing and collecting impulse pay-per-view data in smart card enabled television terminals
US7415440B1 (en) 2002-02-22 2008-08-19 Entriq, Inc. Method and system to provide secure key selection using a secure device in a watercrypting environment
US8082588B2 (en) * 2002-03-15 2011-12-20 Nagravision S.A. Secured storage method of encrypted data on a personal digital recorder
US7305555B2 (en) 2002-03-27 2007-12-04 General Instrument Corporation Smart card mating protocol
US7343398B1 (en) 2002-09-04 2008-03-11 Packeteer, Inc. Methods, apparatuses and systems for transparently intermediating network traffic over connection-based authentication protocols
US8818896B2 (en) 2002-09-09 2014-08-26 Sony Corporation Selective encryption with coverage encryption
US7724907B2 (en) 2002-11-05 2010-05-25 Sony Corporation Mechanism for protecting the transfer of digital content
US8572408B2 (en) 2002-11-05 2013-10-29 Sony Corporation Digital rights management of a digital device
US8645988B2 (en) 2002-12-13 2014-02-04 Sony Corporation Content personalization for digital content
US8667525B2 (en) 2002-12-13 2014-03-04 Sony Corporation Targeted advertisement selection from a digital stream
US7132953B2 (en) * 2003-06-26 2006-11-07 Lear Corporation Spring sensor assembly for a vehicle seat cushion
US7853980B2 (en) 2003-10-31 2010-12-14 Sony Corporation Bi-directional indices for trick mode video-on-demand
FR2871017B1 (en) 2004-05-28 2008-02-29 Viaccess Sa METHOD FOR DIFFUSION OF DIGITAL DATA TO A PARK OF TARGET RECEIVING TERMINALS
US8041190B2 (en) 2004-12-15 2011-10-18 Sony Corporation System and method for the creation, synchronization and delivery of alternate content
US7895617B2 (en) 2004-12-15 2011-02-22 Sony Corporation Content substitution editor
US7386128B2 (en) * 2004-12-29 2008-06-10 General Instrument Corporation Conditional access system providing access to multiple programs or services
US8639946B2 (en) * 2005-06-24 2014-01-28 Sigmatel, Inc. System and method of using a protected non-volatile memory
GB2429308B (en) * 2005-07-29 2007-08-01 Hewlett Packard Development Co Data transfer device
US9325944B2 (en) 2005-08-11 2016-04-26 The Directv Group, Inc. Secure delivery of program content via a removable storage medium
US7761591B2 (en) 2005-12-16 2010-07-20 Jean A. Graham Central work-product management system for coordinated collaboration with remote users
US8185921B2 (en) 2006-02-28 2012-05-22 Sony Corporation Parental control of displayed content using closed captioning
US8775319B2 (en) 2006-05-15 2014-07-08 The Directv Group, Inc. Secure content transfer systems and methods to operate the same
US20180063128A1 (en) * 2016-08-31 2018-03-01 Motorola Solutions, Inc Method for automatically deleting a user password upon successful use of a multi-factor authentication modality

Family Cites Families (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4802214A (en) * 1982-04-23 1989-01-31 Eagle Comtronics, Inc. Method and apparatus for identifying and rendering operative particular descramblers in a television signal scrambling system
US4613901A (en) * 1983-05-27 1986-09-23 M/A-Com Linkabit, Inc. Signal encryption and distribution system for controlling scrambling and selective remote descrambling of television signals
WO1985000491A1 (en) * 1983-06-30 1985-01-31 Independent Broadcasting Authority Encrypted broadcast television system
CA1219930A (en) * 1983-07-21 1987-03-31 Takashi Kamitake Information transmission system
US4663664A (en) * 1983-10-31 1987-05-05 R. F. Monolithics, Inc. Electronic ticket method and apparatus for television signal scrambling and descrambling
GB2151886A (en) * 1983-12-21 1985-07-24 British Broadcasting Corp Conditional-access broadcast transmission
JPS60160492A (en) * 1984-01-31 1985-08-22 Toshiba Corp Ic card
US4634808A (en) * 1984-03-15 1987-01-06 M/A-Com Government Systems, Inc. Descrambler subscriber key production system utilizing key seeds stored in descrambler
US4712238A (en) * 1984-06-08 1987-12-08 M/A-Com Government Systems, Inc. Selective-subscription descrambling
US4694491A (en) * 1985-03-11 1987-09-15 General Instrument Corp. Cryptographic system using interchangeable key blocks and selectable key fragments
CA1270339A (en) * 1985-06-24 1990-06-12 Katsuya Nakagawa System for determining a truth of software in an information processing apparatus
JPS6229333A (en) * 1985-07-31 1987-02-07 Hitachi Ltd System for setting ciphering key
EP0626793B1 (en) 1986-04-18 2001-11-28 Nagra Plus S.A. Pay television system
US4890321A (en) * 1986-07-08 1989-12-26 Scientific Atlanta, Inc. Communications format for a subscription television system permitting transmission of individual text messages to subscribers
JPS63113729A (en) * 1986-10-31 1988-05-18 Toppan Printing Co Ltd Ic card
JPS63181088A (en) * 1987-01-23 1988-07-26 Toshiba Corp Portable electronic equipment
US4864615A (en) * 1988-05-27 1989-09-05 General Instrument Corporation Reproduction of secure keys by using distributed key generation data

Also Published As

Publication number Publication date
NO913191D0 (en) 1991-08-15
EP0471373A2 (en) 1992-02-19
NO179160C (en) 1996-08-14
US5111504A (en) 1992-05-05
CA2049083A1 (en) 1992-02-18
AU8241291A (en) 1992-02-20
JPH04288743A (en) 1992-10-13
NO913191L (en) 1992-02-18
KR920005645A (en) 1992-03-28
EP0471373A3 (en) 1992-07-29
IE912876A1 (en) 1992-02-26
JP2930149B2 (en) 1999-08-03
EP0471373B1 (en) 1999-10-06
DE69131680D1 (en) 1999-11-11
KR100188425B1 (en) 1999-06-01
AU632704B2 (en) 1993-01-07
ATE185461T1 (en) 1999-10-15
ES2137923T3 (en) 2000-01-01
DE69131680T2 (en) 2000-05-11
NO179160B (en) 1996-05-06

Similar Documents

Publication Publication Date Title
CA2049083C (en) Information processing apparatus with replaceable security element
US5144664A (en) Apparatus and method for upgrading terminals to maintain a secure communication network
EP0148235B1 (en) Encrypted broadcast television system
EP0466916B1 (en) External security module for a television signal decoder
CA2173176C (en) Data security scheme for point-to-point communication sessions
KR100415213B1 (en) Method and apparatus for incremental transfer of access rights
EP0787391B1 (en) Conditional access system
KR100577934B1 (en) Process for protecting an information item transmitted from a security element to a decoder and protection system using such a process
AU751436B2 (en) Mechanism for matching a receiver with a security module
EP1023795A1 (en) Control for a global transport data stream
EP0984630B1 (en) Data communication system
CN101626484A (en) Method for protecting control word in condition access system, front end and terminal
JP4521392B2 (en) Pay television systems associated with decoders and smart cards, rights revocation methods in such systems, and messages sent to such decoders
JPH1079730A (en) Decoder

Legal Events

Date Code Title Description
EEER Examination request
MKEX Expiry
MKEX Expiry

Effective date: 20110813