US20110103582A1 - System for securing access to data streams - Google Patents
System for securing access to data streams Download PDFInfo
- Publication number
- US20110103582A1 US20110103582A1 US12/930,304 US93030411A US2011103582A1 US 20110103582 A1 US20110103582 A1 US 20110103582A1 US 93030411 A US93030411 A US 93030411A US 2011103582 A1 US2011103582 A1 US 2011103582A1
- Authority
- US
- United States
- Prior art keywords
- scrambled
- compressed
- content
- digital content
- output
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/25—Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
- H04N21/254—Management at additional data server, e.g. shopping server, rights management server
- H04N21/2541—Rights Management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/23—Processing of content or additional data; Elementary server operations; Server middleware
- H04N21/234—Processing of video elementary streams, e.g. splicing of video streams, manipulating MPEG-4 scene graphs
- H04N21/2347—Processing of video elementary streams, e.g. splicing of video streams, manipulating MPEG-4 scene graphs involving video stream encryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/41—Structure of client; Structure of client peripherals
- H04N21/414—Specialised client platforms, e.g. receiver in car or embedded in a mobile appliance
- H04N21/4147—PVR [Personal Video Recorder]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/41—Structure of client; Structure of client peripherals
- H04N21/418—External card to be used in combination with the client device, e.g. for conditional access
- H04N21/4181—External card to be used in combination with the client device, e.g. for conditional access for conditional access
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/43—Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
- H04N21/44—Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream, rendering scenes according to MPEG-4 scene graphs
- H04N21/4405—Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream, rendering scenes according to MPEG-4 scene graphs involving video stream decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/43—Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
- H04N21/44—Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream, rendering scenes according to MPEG-4 scene graphs
- H04N21/4408—Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream, rendering scenes according to MPEG-4 scene graphs involving video stream encryption, e.g. re-encrypting a decrypted video stream for redistribution in a home network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/45—Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
- H04N21/462—Content or additional data management, e.g. creating a master electronic program guide from data received from the Internet and a Head-end, controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabilities
- H04N21/4623—Processing of entitlement messages, e.g. ECM [Entitlement Control Message] or EMM [Entitlement Management Message]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/60—Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client
- H04N21/63—Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
- H04N21/633—Control signals issued by server directed to the network components or client
- H04N21/6332—Control signals issued by server directed to the network components or client directed to client
- H04N21/6334—Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key
- H04N21/63345—Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key by transmitting keys
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/80—Generation or processing of content or additional data by content creator independently of the distribution process; Content per se
- H04N21/83—Generation or processing of protective or descriptive data associated with content; Content structuring
- H04N21/835—Generation of protective data, e.g. certificates
Definitions
- the present invention relates to delivery of digital content, and more particularly to systems for controlling the delivery of digital content based on rules.
- the IEEE 1394 high-speed serial bus provides enhanced PC connectivity for consumer electronics audio/video (A/V) appliances, storage peripherals, other PCs, and portable devices, making it possible to transfer content quickly and efficiently around such devices.
- An industry developed standard, DTCP (5C) copy protection scheme (Digital Transmission Content Protection Specification, Vol. 1, available at www.dtcp.com/info_dtcp_v1.pdf), provides content protection against the unauthorized copying and transmission of digital images and sound.
- DTCP was developed to encrypt digital content as it moves over an IEEE 1394 interface from pay television systems like cable and satellite.
- the DTCP scheme supports capabilities such as moving copies from personal video recorders to removable digital tape or disc recordings, and transferring copies among servers located in different places in a home.
- DTCP technology includes three basic copy control states, designated Copy Freely, Copy One Generation, and Copy None, any of which can be applied to particular items of content.
- the DTCP system thus enables generations of control information, where the copy control state of data in a particular location directly affects the next generation copy control state, dependant on the particular copy control in use for the first generation.
- DVD In general, pay television systems, as well as MPEG (ISO/IEC JTC1/SC29/WG11)/DVD have been designed to protect content, while controlling the transport stream and delivering clear uncompressed content for display.
- DVD specifications are available on the Internet at ecma:ch. Specific specifications include ECMA-267 (97) 120 mm DVD-Read-Only Disk; ECMA-268 (97) 80 mm DVD-Read-Only Disk; and ECMA-272 (99) 120 DVD Rewriteable Disk (DVD-RAM) also published as ISO-IEC 16824).
- Digital data is particularly valuable in its clear compressed format, as clear compressed digital data can easily be transmitted because of its size. Additionally, every copy of clear compressed digital data is identical. End to end content protection has shown the importance of maintaining the data encrypted until it is being used; see, for example, the discussion in NDS marketing white paper XTV Persistent End-to-End Content Protection (30 Jul. 2002 publication number XT-M164).
- the present invention in preferred embodiments thereof, seeks to provide an improved mechanism whereby additional security features are added to a video processor.
- the additional security features include headend control which explicitly determines whether the content can be output clear compressed or not.
- the headend control is enforced in preferred embodiments of the present invention by providing content which is protected by additional encryption and by utilizing an additional decryption element that is only accessible when preparing clear uncompressed content.
- headend is used throughout the present specification and claims to include any hardware and software used to prepare digital data for distribution; such preparation typically includes encrypting, compressing and multiplexing the digital data.
- Metadata typically includes one or more of the following: program specific information; service information; electronic program guide information; or any other metadata which might be included in a broadcast stream.
- clear is used throughout the present specification to refer to a state of data which is neither scrambled nor encrypted.
- the term “clear compressed data” refers to compressed data which is neither scrambled nor encrypted.
- ender is used, in all of its grammatical forms, throughout the present specification and claims to refer to any appropriate mechanism or method of making content palpable to one or more of the senses. In particular and without limiting the generality of the foregoing, “render” refers not only to display of video content but also to playback of audio content.
- a method for protecting digital content including receiving compressed encrypted digital content, determining an output format based, at least in part, on all of the following a user-requested output format, received control information, and a rule determining whether a clear compressed output format is allowed, and producing output from the compressed digital content based on a result of the determining, wherein, if the rule does not allow clear compressed output format, the compressed encrypted digital content is provided in a form which prevents production of clear compressed output in the producing step.
- the form which prevents production of clear compressed output includes compressed encrypted digital content, additionally encrypted in accordance with a second encryption method, and the producing includes decrypting in accordance with the second encryption method, and decompressing, and the producing includes an atomic operation.
- the method includes providing an output-producing hardware device, wherein at least the producing is performed in the hardware device.
- the hardware device is characterized by a device profile, and the determining is also based, at least in part, on the device profile.
- the determining is also performed in the hardware device.
- the hardware device is included in a single integrated circuit.
- the integrated circuit is included in a smart card.
- the method includes rendering the output sensible to at least one human sense.
- the rendering includes at least one of the following: audio rendering; visual rendering; and audio/visual rendering.
- the compression includes null compression.
- apparatus for protecting digital content including a digital content receiver receiving compressed encrypted digital content, an output format determination unit determining an output format based, at least in part, on all of the following: a user-requested output format; received control information; and a rule determining whether a clear compressed output format is allowed, and a content output unit producing output from the compressed digital content based on a result produced by the output format determination unit, wherein, if the rule does not allow clear compressed output format, the compressed encrypted digital content is provided to the digital content receiver in a form which prevents production of clear compressed output by the content output unit.
- the form which prevents production of clear compressed output includes compressed encrypted digital content, additionally encrypted in accordance with a second encryption method, and the content output unit includes a decrypting unit decrypting in accordance with the second encryption method, and decompressing apparatus, and the content output unit produces output in an atomic operation.
- the apparatus includes an output-producing hardware device, wherein at least the content output unit is included in the hardware device.
- the hardware device is characterized by a device profile, and the output format determination unit determines the output format based, at least in part, on the device profile.
- the output format determination unit is also included in the hardware device.
- the hardware device is included in a single integrated circuit.
- the integrated circuit is included in a smart card.
- the apparatus includes a rendering device which renders the output sensible to at least one human sense.
- the rendering device includes at least one of the following: an audio rendering device; a visual rendering device; and an audio/visual rendering device.
- the compression includes null compression.
- a digital content receiver including: a local scrambling descrambler; a broadcast descrambler receiving an output produced by the local scrambling descrambler; a local scrambler, a combined extra encryption algorithm decryptor and decoder/decompressor (XDDC), and a switch operative to provide an output of the broadcast descrambler to exactly one of the local scrambler and the XDDC, wherein the DCR is operative to receive control information and compressed encrypted digital content, and at least the setting of the switch is determined, at least in part, by the control information, and the DCR is operative to produce an output based on all of the following: the compressed digital content; a user-requested output format; the received control information; and a rule determining whether a clear compressed output format is allowed, and if the rule does not allow clear compressed output format, the compressed encrypted digital content is provided to the DCR in a form which prevents production
- DCR digital content receiver
- the local scrambling descrambler is operative to perform exactly one of the following operations based, at least in part, on the received control information: receive an input and produce an output substantially identical to the received input; and receive an input, and perform descrambling on the received input, thereby producing an output.
- the local scrambler is operative to perform exactly one of the following operations based, at least in part, on the received control information receive an input and produce an output substantially identical to the received input, and receive an input and perform local scrambling on the received input, thereby producing an output.
- the DCR includes an output-producing hardware device, wherein at least the content output unit is included in the hardware device.
- the hardware device is included in a single integrated circuit.
- the integrated circuit is included in a smart card.
- the DCR includes a rendering device which renders the output sensible to at least one human sense.
- the rendering device includes at least one of the following an audio rendering device, a visual rendering device, and an audio/visual rendering device.
- the XDDC is operative, based, at least in part, on the received control information, to receive an input, and descramble and decode the received input in an atomic operation, thereby producing an output.
- a content-protected personal video recorder including a DCR, and a PVR unit including PVR storage media, the PVR unit receiving the output produced by the DCR.
- PVR personal video recorder
- the PVR unit is operative to store the received output on the PVR storage media.
- the output produced by the DCR includes locally scrambled output.
- the PVR unit is operative to retrieve the stored output from the PVR storage media.
- the DCR performs at least one of the following on the locally scrambled output retrieved by the PVR decryption, and decompression.
- the PVR unit is operative to store received XEA encrypted output on the PVR storage media.
- the output produced by the DCR includes XEA encrypted output.
- the PVR unit is operative to retrieve the stored XEA encrypted output from the PVR storage media.
- the output retrieved by the PVR includes XEA encrypted output.
- the DCR performs, as an atomic operation, decryption and decompression on the XEA encrypted output retrieved by the PVR.
- a content-protected television system including a DCR, and a television unit, the television unit receiving the output produced by the DCR.
- the television unit includes an analog television unit.
- the television unit includes a digital television unit.
- FIG. 1 is a generalized block diagram illustration of a clear compressed content control system constructed and operative in accordance with a preferred embodiment of the present invention
- FIG. 2A is a generalized block diagram illustration of a system for producing scrambled compressed digital content, useful for understanding the operation of the system of FIG. 1 ;
- FIG. 2B is a generalized block diagram illustration of an alternative system for producing scrambled compressed digital content, useful for understanding the operation of the system of FIG. 1 ;
- FIG. 3 is a generalized block diagram illustration of a preferred implementation of the system of FIG. 1 , illustrating an implementation in which output is stored in a PVR;
- FIG. 4 is a generalized block diagram illustration of an alternative preferred implementation of the system of FIG. 1 , illustrating an implementation in which output comprises compressed content;
- FIG. 5 is a generalized block diagram illustration of another alternative preferred implementation of the system of FIG. 1 , illustrating an implementation in which output is displayed on an analog television;
- FIG. 6A is a generalized block diagram illustration of yet another alternative preferred implementation of the system of FIG. 1 , illustrating an implementation in which output is not useable;
- FIG. 6B is a generalized block diagram illustration of a preferred embodiment of control information, useful for understanding FIG. 6A ;
- FIG. 7 is a generalized block diagram illustration of another alternative preferred implementation of the system of FIG. 1 , illustrating an implementation in which output is displayed on a digital television;
- FIG. 8 is a generalized block diagram illustration of yet another alternative preferred implementation of the system of FIG. 1 , illustrating another implementation in which output is stored in a PVR;
- FIG. 9 is a generalized block diagram illustration of still another alternative preferred implementation of the system of FIG. 1 , illustrating another implementation in which output is displayed on a digital television;
- FIG. 10 is a generalized block diagram illustration of another alternative preferred implementation of the system of FIG. 1 , illustrating another implementation in which output is displayed on an analog television;
- FIG. 11 is a generalized block diagram illustration of a mode of operation of the system of FIG. 1 , illustrating a mode in which compressed encrypted content is output;
- FIG. 12 is a generalized block diagram illustration of an alternative mode of operation of the system of FIG. 1 , illustrating a mode in which clear uncompressed content is output;
- FIG. 13 is a generalized block diagram illustration of an alternative mode of operation of the system of FIG. 1 , illustrating a mode in which clear compressed content is output;
- FIG. 14 is a generalized block diagram illustration of an yet another alternative mode of operation of the system of FIG. 1 , illustrating a mode in which no output is to be produced;
- FIG. 15 is a generalized block diagram illustration of an still another alternative mode of operation of the system of FIG. 1 , illustrating a mode in which clear compressed content is attempted to be output but no output is allowed;
- FIG. 16 is a simplified flowchart illustration of a preferred method of operation of the system of FIG. 1 .
- FIG. 1 is a generalized block diagram illustration of a clear compressed content control system constructed and operative in accordance with a preferred embodiment of the present invention.
- the system of FIG. 1 comprises a digital content receiver (DCR) 5 .
- the DCR 5 is preferably operative to receive scrambled compressed digital content and to produce therefrom one or more types of output in accordance with content control rules, as will be described in more detail below.
- the DCR 5 may comprise a single integrated circuit.
- the circuit described in this specification need not be embedded in fixed hardware; rather, all or part of the circuit described may be embedded in a removable security element, such as a smart card.
- FIG. 2A is a generalized block diagram illustration of a system for producing scrambled compressed digital content, useful for understanding operation of the system of FIG. 1 .
- the system of FIG. 2A is provided by way of example only and is not meant to be limiting.
- clear content 10 typically comprising clear digital content
- a compression device 20 compresses the clear content 10 , using any appropriate compression method, such as MPEG-2 or MPEG-4, as is well known in the art, to produce compressed clear digital content 30 .
- the compressed clear digital content 30 is input to a broadcast scrambler 40 , which, using encryption methods known in the art, produces therefrom scrambled compressed digital content 50 .
- encryption methods include DVB (refer to standard ETSI EN 301 192), DES, and 3DES (both DES and 3DES are described in Applied Cryptography , referred to above, at pp. 265-301).
- FIG. 2B is a generalized block diagram illustration of an alternative system for producing scrambled compressed digital content, useful for understanding operation of the system of FIG. 1 .
- the system of FIG. 2B is provided by way of example only and is not meant to be limiting.
- the system of FIG. 2B is preferably similar to the system of FIG. 2A , and additionally comprises apparatus for implementing an “extra” encryption algorithm (XEA).
- XEA extract encryption algorithm
- Nonlimiting examples of encryption schemes usable for XEA which schemes are well known in the art, preferably include Diffie-Hellman (described in Applied Cryptography , referred to above, at pp. 513-516) and El-Gamal (refer to Applied Cryptography pgs. 532-533).
- clear content 10 typically comprising clear digital content
- a compression device 20 compresses the clear content 10 , using any appropriate compression method, as is well known in the art, to produce compressed clear digital content 30 .
- the compressed clear digital content 30 is received by an XEA scrambler 240 , which produces therefrom XEA scrambled compressed digital content 230 .
- the XEA scrambled compressed digital content 230 is input to the broadcast scrambler 40 .
- the broadcast scrambler 40 produces therefrom broadcast scrambled XEA scrambled compressed digital content 250 using encryption methods similar to those described above with reference to FIG. 2A .
- the DCR 5 preferably comprises the following components, each of which is typically implemented in either hardware, software, or a combination thereof:
- a descrambler shown in FIG. 1 by way of example only as a local scrambling descrambler 100 . It is appreciated that the type of descrambler 100 provided in the system of FIG. 1 is chosen to correspond to a type of scrambling used to scramble content intended for the DCR 5 .
- Examples of local scrambling would include, but not be limited to, such well known algorithms as AES (FIPS-197, described in csrc.nist.gov/publications/fips/fips197/fips-197.pdf), skipjack (FIPS-185, described in csrc.nist.gov/encryption/skipjack/skipjack.pdf), blowfish (described in Applied Cryptography , referred to above, at pp. 336-339), RC5 (described in Applied Cryptography , referred to above, at pp. 344-346), IDEA (described in Applied Cryptography , referred to above, at pp.
- AES FIPS-197, described in csrc.nist.gov/publications/fips/fips197/fips-197.pdf
- skipjack FIPS-185, described in csrc.nist.gov/encryption/skipjack/skipjack.pdf
- blowfish described in Applied Cryptography ,
- a broadcast descrambler 110 which is preferably operatively associated with the local scrambling descrambler 100 .
- the broadcast descrambler 110 is preferably operative to receive the output produced by the local scrambling descrambler 100 and to perform broadcast descrambling thereon.
- a local scrambler 120 which is preferably operatively associated with the broadcast descrambler 110 via a switch 140 .
- the switch 140 is set to send output from the broadcast descrambler 110 to the local scrambler 120
- the local scrambler 120 is preferably operative to receive said output and to perform local scrambling thereon. It is appreciated that, depending on the information in the control information 160 , the local scrambler 120 may alternatively take no scrambling action; in such a case the local scrambler 120 preferably produces output substantially identical to the input received by the local scrambler 120 .
- a combined XEA decryptor and decode/decompressor (XDDC) 130 which is also preferably operatively associated with the broadcast descrambler 110 via the switch 140 .
- the switch 140 is set to send output from the broadcast descrambler 110 to the XDDC 130
- the XDDC 130 is preferably operative to receive said output and to perform both XEA decryption and decoding/decompression thereon.
- decryption and decoding/decompression in the XDDC 130 comprise an atomic operation.
- the XDDC 130 is designed in such a way that the XDDC 130 must perform decoding and decompressing together.
- the XDDC 130 will not perform decoding alone, nor will the XDDC perform decompressing alone.
- Anti-tamper techniques which are well known in the art, are preferably used to ensure the integrity of the XDDC 130 .
- XEA refers to any appropriate encryption scheme.
- Nonlimiting examples of encryption schemes usable for XEA might preferably include Diffie-Hellman and El-Gamal.
- the key (also referred to herein as a “control word”) for XEA is preferably provided by a conditional access system broadcasting an entitlement control message, as is known in the art.
- a device such as a set-top box or PVR, in which the DCR 5 may preferably be comprised, receives the entitlement control message. Using techniques known in the art, the device (not shown in FIG. 1 ) derives the control word from the entitlement control message and provides the control word to the DCR 5 .
- a plurality of switches shown in FIG. 1 as the first switch 140 and the second switch 150 described above. As will be described in more detail below, the plurality of switches preferably also includes other switches (not shown in FIG. 1 ). Each of the plurality of switches is preferably set in accordance with control information 160 received by the DCR 5 .
- the control information 160 is preferably determined, at least in part, by an owner or controller (not shown) of digital content (not shown in FIG. 1 ) sent to the DCR 5 .
- the control information 160 is also preferably determined, at least in part, based on input of a user of the DCR 5 , requesting to make use of the digital content in a particular way.
- the control information 160 is also preferably determined, at least in part, based on receiver policy. The control information 160 and the manner in which the plurality of switches are preferably set are described in more detail below.
- each of the local scrambling descrambler 100 ; the broadcast descrambler 110 ; the local scrambler 120 ; and the XDDC 130 in the system of FIG. 1 may be either preferably operational or non-operational.
- the local scrambling descrambler 100 may or may not perform local scrambling descrambling.
- the local scrambler 120 may or may not perform local scrambling.
- the DCR 5 also preferably comprises other components (not shown), which typically comprise conventional components well known in the art of content receivers.
- components typically comprise conventional components well known in the art of content receivers.
- Non-limiting examples of such components include tuners, demultiplexers, and digital-to-analog converters.
- Various modes of operation of the system of FIG. 1 are determined based on the control information 160 received by the DCR 5 .
- the first switch 140 is set to 0 and the second switch 150 is set to 1, preventing any output from being produced by the DCR 5 ; this is intended to guarantee that output based on any particular item of digital content is controlled only on the basis of control information 160 associated with that item of digital content.
- digital data is particularly valuable in its clear compressed format because a recipient without authorization can easily use clear compressed digital data. Furthermore, digital data in its clear compressed format is easily transmitted. Therefore, it is an object of the present invention, in certain preferred embodiments thereof, to prevent the output of clear compressed content when the control information 160 does not permit such output.
- FIG. 3 is a generalized block diagram illustration of a preferred implementation of the system of FIG. 1 .
- broadcast scrambled, XEA scrambled compressed content 250 is received as input by a device 310 , comprising the DCR 5 .
- the device 310 would be a set-top box (STB) or personal video recorder (PVR).
- STB set-top box
- PVR personal video recorder
- the broadcast scrambled, XEA scrambled compressed content 250 bypasses the DCR 5 in order to be output as broadcast scrambled, XEA scrambled compressed content 250 to storage media (not shown in FIG.
- PVR 320 may comprise the same unit or may share components with the DCR 5 , and is shown as a separate unit in FIG. 3 for illustrative purposes only.
- FIG. 4 is a generalized block diagram illustration of an alternative preferred implementation of the system of FIG. 1 .
- broadcast scrambled content 50 is input into a device 310 , comprising the DCR 5 .
- the device 310 would be a STB or PVR.
- the broadcast scrambled content 50 is input to the broadcast descrambler 110 , producing compressed clear digital content 30 .
- the compressed clear digital content 30 is output from the system.
- FIG. 4 is useful when the broadcast scrambled content 50 comprises interactive television data and does not comprise valuable video content.
- FIG. 5 is a generalized block diagram illustration of another alternative preferred implementation of the system of FIG. 1 .
- broadcast scrambled, XEA scrambled compressed content 250 is input into the device 310 , comprising the DCR 5 .
- Non-limiting examples of the device 310 would be a STB or PVR.
- the broadcast scrambled content, XEA scrambled compressed content 250 is input to the broadcast descrambler 110 , producing XEA scrambled compressed content 230 .
- the XEA scrambled compressed content 230 is then input into the XDDC 130 , which, in an atomic operation, produces clear content 10 .
- the clear content 10 thus produced is input into an analog television 510 for viewing.
- FIG. 6A is generalized block diagram illustration of another alternative preferred implementation of the system of FIG. 1 .
- the device 310 preferably comprising the DCR 5 .
- Non-limiting examples of the device 310 would be a STB or PVR.
- FIG. 6B is a generalized illustration of several elements which are preferably comprised in control information 160 , useful for understanding FIG. 6A .
- Control information 160 preferably comprises: an owner or controller usage rule 610 ; a digital receiver policy 620 ; and user input 630 .
- At least one element of the owner or controller usage rule 610 , and/or the digital receiver policy 620 prohibit decryption.
- the user attempts to use user input 630 of the control information 160 in order to override the decryption prohibition resulting from the combination of owner or controller usage rule 610 and the digital receiver policy 620 .
- the broadcast scrambled content 250 is input to the broadcast descrambler 110 , producing XEA scrambled compressed content 230 .
- the XEA scrambled compressed content 230 output is not decrypted.
- FIG. 7 is a generalized block diagram illustration of another alternative preferred implementation of the system of FIG. 1 .
- broadcast scrambled, XEA scrambled compressed content 250 is input into the device 310 comprising the DCR 5 .
- Non-limiting examples of the device 310 would be a STB or PVR.
- the broadcast scrambled, XEA scrambled compressed content 250 is input to the broadcast descrambler 110 , producing XEA scrambled compressed content 230 .
- the XEA scrambled compressed content 230 is input into the local scrambler 120 which outputs local scrambled, XEA scrambled compressed content 710 .
- the local scrambled, XEA scrambled compressed content 710 is output by the device 310 and input into a digital television 720 .
- the local scrambled, XEA scrambled compressed content 710 is input into the local scrambling descrambler 730 , producing XEA scrambled compressed content 230 .
- the XEA scrambled compressed content 230 is input into the XDDC 130 , which in an atomic operation produces clear content 10 , suitable for viewing.
- first generation control information 160 is reflected in second generation control information 860 .
- first generation control information 160 being reflected in second generation control information 860 would be, as discussed above, the DTCP specification basic copy states.
- a specific non-limiting example of the operation of first and second generation control information would be where first generation control information 160 allows copy once; in such a case, the second generation control information 860 for the copy would allow no further copying.
- Another specific non-limiting example would be where the first generation control information 160 allows copy freely; the second generation control information 860 would also allow copy freely.
- FIG. 8 is a generalized block diagram illustration of another alternative preferred implementation of the system of FIG. 1 .
- the device 310 comprising a DCR 5 .
- a non-limiting example of the device 310 would be a STB or PVR.
- the broadcast scrambled, XEA scrambled compressed content 250 is input to the broadcast descrambler 110 .
- the broadcast descrambler 110 takes no action. It is appreciated that the broadcast scrambler 110 preferably comprises an internal switch (not shown), which, based on the control information 160 , is set to take no action.
- the broadcast scrambled, XEA scrambled compressed content 250 is input to the local scrambler 120 .
- the local scrambler 120 outputs locally scrambled broadcast scrambled XEA scrambled compressed content 810 .
- the locally scrambled broadcast scrambled XEA scrambled compressed content 810 is then output to a PVR 820 .
- the PVR 820 may comprise the same unit or may share components with the device 310 , and is shown as a separate unit in FIG. 8 for illustrative purposes only. Should the PVR 820 comprise the same unit as the device 310 , it is appreciated that the locally scrambled, broadcast scrambled, XEA scrambled compressed content 810 would preferably comprise locally scrambled, broadcast scrambled, XEA scrambled compressed content 850 .
- the locally scrambled, broadcast scrambled, XEA scrambled compressed content 810 is then input into a local scrambling descrambler 830 , producing broadcast scrambled, XEA scrambled compressed content 250 .
- the broadcast scrambled, XEA scrambled compressed content 250 is input into a broadcast descrambler 110 .
- the broadcast descrambler 110 takes no action, and the broadcast scrambled, XEA scrambled compressed content 250 is input to the local scrambler 120 .
- the second generation control information 860 preferably differs from the control information 160 , as explained above in reference to FIG. 7 .
- the local scrambler 120 outputs locally scrambled, broadcast scrambled, XEA scrambled compressed content 850 .
- the locally scrambled, broadcast scrambled, XEA scrambled compressed content 850 is then stored on a PVR storage disk 840 .
- the locally scrambled, broadcast scrambled, XEA scrambled compressed content 850 preferably differs from the locally scrambled, broadcast scrambled, XEA scrambled compressed content 810 in that a different control word is preferably used in local scrambling.
- control information 160 With reference to the second generation control information 860 , it is appreciated that in all cases where there is control information 160 and a second generation of control information 860 , the original control information 160 is preferably reflected in the second generation of control information 860 , as described above more fully with reference to FIG. 7 .
- FIG. 9 is a generalized block diagram illustration of another alternative preferred implementation of the system of FIG. 1 .
- the device 310 comprising a DCR 5 .
- a non-limiting example of the device 310 would be a STB or PVR.
- the broadcast scrambled, XEA scrambled compressed content 250 is input to the broadcast descrambler 110 .
- the broadcast descrambler 110 takes no action, and the broadcast scrambled, XEA scrambled compressed content 250 is input to the local scrambler 120 .
- the local scrambler 120 outputs locally scrambled, broadcast scrambled, XEA scrambled compressed content 810 .
- the locally scrambled, broadcast scrambled, XEA scrambled compressed content 810 is then output to a PVR 820 .
- the PVR 820 may be comprised in the device 310 , or may reside externally thereto, as illustrated in FIG. 9 .
- the broadcast scrambled, XEA scrambled compressed content 250 is input into the broadcast descrambler 110 , producing XEA scrambled, compressed encrypted content 230 .
- the XEA scrambled, compressed encrypted content 230 is then input directly into the local scrambler 120 , producing locally scrambled, XEA scrambled compressed content 710 , as described below.
- the locally scrambled, broadcast scrambled, XEA scrambled compressed content 810 is then input into a local scrambling descrambler 830 , producing broadcast scrambled, XEA scrambled compressed content 250 .
- the broadcast scrambled, XEA scrambled compressed content 250 is input into a broadcast descrambler 110 .
- control information 160 With reference to the second generation control information 860 , it is appreciated that in all cases where there is control information 160 and a second generation of control information 860 , the original control information 160 is preferably reflected in the second generation of control information 860 , as described above more fully with reference to FIG. 7 .
- the broadcast descrambler 110 outputs XEA scrambled compressed content 230 , which is input into a local scrambler 120 .
- the local scrambler 120 produces locally scrambled, XEA scrambled compressed content 710 which is input into a digital television 720 .
- XEA scrambled compressed content 710 is input into a local scrambling descrambler 730 , producing XEA compressed content 230 .
- the XEA compressed content 230 is input into the XDDC 130 , which performs an atomic operation producing clear content 10 suitable for viewing.
- FIG. 10 is a generalized block diagram illustration of another alternative preferred implementation of the system of FIG. 1 .
- broadcast scrambled, XEA scrambled compressed content 250 is input into a device 310 , comprising the DCR 5 .
- Non-limiting examples of the device 310 would be a STB or PVR.
- the broadcast scrambled, XEA scrambled compressed content 250 is input to the broadcast descrambler 110 .
- the broadcast descrambler 110 takes no action, and the broadcast scrambled, XEA scrambled compressed content 250 is input to the local scrambler 120 .
- the local scrambler 120 outputs locally scrambled, broadcast scrambled, XEA scrambled compressed content 810 .
- the locally scrambled, broadcast scrambled, XEA scrambled compressed content 810 is then output to a PVR 820 .
- the PVR 820 may comprise the same unit or may share components with the device 310 , and is shown as a separate unit in FIG. 10 for illustrative purposes only.
- the locally scrambled, broadcast scrambled, XEA scrambled compressed content 810 is then input into an local scrambling descrambler 830 , producing broadcast scrambled, XEA scrambled compressed content 250 .
- the broadcast scrambled, XEA scrambled compressed content 250 is input into a broadcast descrambler 110 .
- control information 160 With reference to the second generation control information 860 , it is appreciated that in all cases where there is control information 160 and a second generation of control information 860 , the original control information 160 is preferably reflected in the second generation of control information 860 , as described above more fully with reference to FIG. 7 .
- the broadcast descrambler 110 outputs XEA scrambled compressed content 230 which is input into the XDDC 130 .
- the XDDC 130 performs an atomic operation outputting clear content 10 , suitable for viewing on an analog television 510 .
- excluded modes refers to modes of operation of the system of FIG. 1 , which are permitted by the owner or controller of the item of digital content received by the DCR 5 .
- FIG. 11 is a generalized block diagram illustration of the system of FIG. 1 , illustrating a mode in which compressed encrypted content is output.
- locally scrambled, broadcast scrambled, compressed content 70 is input to the DCR 5 .
- the broadcast scrambled, compressed content 70 is descrambled by the local scrambler descrambler 100 producing broadcast scrambled, compressed content 50 .
- the broadcast scrambled, compressed content 50 is descrambled by the broadcast descrambler 110 , producing compressed clear digital content 30 .
- the first switch 140 is set in accordance with the control information 160 received by the DCR 5 to output compressed clear digital content 30 to the local scrambler 120 .
- the local scrambler 120 scrambles the compressed clear digital content 30 , producing compressed locally scrambled output 310 .
- the second switch 150 is set in accordance with control information 160 received by the DCR 5 to allow output of the compressed locally scrambled output 310 .
- FIG. 12 is a generalized block diagram illustration of the system of FIG. 1 , illustrating a mode in which clear uncompressed content is to be output.
- locally scrambled, broadcast scrambled, XEA scrambled compressed content 270 is input to the DCR 5 .
- the locally scrambled, broadcast scrambled, XEA scrambled compressed content 270 is descrambled by the local scrambling descrambler 100 producing broadcast scrambled, XEA scrambled compressed content 250 .
- the broadcast scrambled, XEA scrambled compressed content 250 is descrambled by the broadcast descrambler 110 , producing XEA scrambled compressed content 230 .
- the first switch 140 is set in accordance with control information 160 received by the DCR 5 to output the XEA scrambled compressed content 230 to the XDDC 130 .
- the XEA scrambled compressed content 230 is XEA decrypted and decompressed by the XDDC 130 , which performs an atomic operation producing uncompressed clear content 10 .
- the second switch 150 is not relevant to the operation of producing uncompressed clear content 10 ; therefore, the setting of the second switch 150 is preferably not changed from the default position thereof.
- Inputs not depicted include: locally scrambled XEA scrambled compressed content and broadcast scrambled XEA scrambled compressed content.
- the mode of operation shown in FIG. 12 produces uncompressed clear content 10 .
- FIG. 13 is a generalized block diagram illustration of the system of FIG. 1 , illustrating a mode in which clear compressed content is to be output.
- locally scrambled, broadcast scrambled, compressed content 70 is input to the DCR 5 .
- the locally scrambled, broadcast scrambled, compressed content 70 is descrambled by the local scrambling descrambler 100 producing broadcast scrambled, compressed content 50 .
- the broadcast scrambled, compressed content 50 is descrambled by the broadcast descrambler 110 , producing compressed clear digital content 30 .
- the first switch 140 is set in accordance with control information 160 received by the DCR 5 to output compressed clear digital content 30 to the local scrambler 120 .
- the local scrambler 120 does not scramble the compressed clear digital content 30 ; the local scrambler 120 preferably passes the received input as its output with no change.
- the local scrambler 120 preferably comprises an internal switch (not shown), which in the present implementation is set to take no action.
- the second switch 150 is set in accordance with control information 160 received by the DCR 5 to allow output of the compressed clear digital content 30 .
- FIG. 14 is a generalized block diagram illustration of the system of FIG. 1 , illustrating a mode in which no output is to be produced.
- locally scrambled, broadcast scrambled, compressed content 70 is input to the DCR 5 .
- the locally scrambled, broadcast scrambled, compressed content 70 is descrambled by the local scrambling descrambler 100 producing broadcast scrambled, compressed content 50 .
- the broadcast scrambled, compressed content 50 is not descrambled by the broadcast descrambler 110 , and is thus useless.
- the local scrambler 120 scrambles the broadcast scrambled, compressed content 50 producing locally scrambled, broadcast scrambled, compressed content 310 .
- Inputs not depicted include: locally scrambled compressed content and broadcast scrambled compressed content.
- locally scrambled compressed content and broadcast scrambled compressed content in the absence of valid control information 160 , similarly to the case where locally scrambled, broadcast scrambled, compressed content 70 is input, the mode of operation shown in FIG. 14 produces no useful output.
- V. Clear Compressed Content is Attempted to be Output, not in Accordance with the Control Information 160 .
- FIG. 15 is a generalized block diagram illustration of the system of FIG. 1 , illustrating a mode in which clear compressed content is attempted to be output, not in accordance with the control information 160 . It is appreciated that substitute control information 1560 is input to the DCR 5 by a person attempting to produce output not in accordance with control information 160 .
- locally scrambled, broadcast scrambled, XEA scrambled, compressed content 270 is input to the DCR 5 .
- the locally scrambled, broadcast scrambled, XEA scrambled, compressed content 270 is descrambled by the local scrambling descrambler 100 , which outputs broadcast scrambled, XEA scrambled, compressed content 250 .
- the broadcast scrambled, XEA scrambled, compressed content 250 is descrambled by the broadcast descrambler 110 , producing XEA scrambled, compressed content 230 .
- the first switch 140 is set in accordance with substitute control information 1560 received by the DCR 5 to output XEA scrambled, compressed content 230 to the local scrambler 120 .
- the XEA scrambled, compressed content 230 bypasses the local scrambler 120 .
- the local scrambler 120 thereby preferably outputs XEA scrambled, compressed content 230 .
- the second switch 150 in the presence of substitute control information 1560 is set to 0, so that the DCR 5 outputs XEA scrambled, compressed content 230 .
- the XEA scrambled, compressed encrypted content 230 is unusable because it bypassed the XDDC 130 , and the XEA encryption was never removed.
- Inputs not depicted include: locally scrambled compressed content and broadcast scrambled compressed content.
- locally scrambled compressed content and broadcast scrambled compressed content in accordance with the control information 160 , similarly to the case where locally scrambled, broadcast scrambled, compressed content 70 is input, the mode of operation shown in FIG. 15 produces useless compressed encrypted output 230 .
- FIG. 16 is a simplified flowchart illustration of a preferred method of operation of the system of FIG. 1 .
- the method of FIG. 16 preferably comprises the following steps:
- Compressed digital content is received (step 810 ). If the rule referred to below in step 820 does not allow a clear compressed output format, the compressed encrypted digital content is provided in a form which prevents production of clear compressed output as explained below in step 830 . For example, and without limiting the generality of the foregoing, if the rule does not allow clear compressed output, the compressed encrypted digital content is provided as XEA encrypted content, as described above in reference to FIG. 15 .
- An output format for the compressed digital content is determined, the output format being based, at least in part, on all of the following: a user-requested output format; received control information; and a rule determining whether a clear compressed output format is allowed (step 820 ).
- Output is produced from the compressed digital content based on a result of step 820 (step 830 ). If the control information that does not permit clear compressed output has been replaced by unauthorized control information that permits clear compressed output, then the result of attempting to produce clear compressed will not be usable, as described above with reference to FIG. 15 .
Abstract
A method and an apparatus for protecting digital content, in which an output format for received compressed encrypted digital content is determined based, at least in part, on a rule determining whether clear compressed output format is allowed. When the clear compressed output format is not allowed, the content is received in a form in which it has been encrypted by at least two different encryption methods, and processing of the content comprises a combination of decrypting in accordance with one of the encryption methods and decompression in an atomic operation.
Description
- The present invention relates to delivery of digital content, and more particularly to systems for controlling the delivery of digital content based on rules.
- The IEEE 1394 high-speed serial bus provides enhanced PC connectivity for consumer electronics audio/video (A/V) appliances, storage peripherals, other PCs, and portable devices, making it possible to transfer content quickly and efficiently around such devices. An industry developed standard, DTCP (5C) copy protection scheme (Digital Transmission Content Protection Specification, Vol. 1, available at www.dtcp.com/info_dtcp_v1.pdf), provides content protection against the unauthorized copying and transmission of digital images and sound. DTCP was developed to encrypt digital content as it moves over an IEEE 1394 interface from pay television systems like cable and satellite. The DTCP scheme supports capabilities such as moving copies from personal video recorders to removable digital tape or disc recordings, and transferring copies among servers located in different places in a home. DTCP technology includes three basic copy control states, designated Copy Freely, Copy One Generation, and Copy Never, any of which can be applied to particular items of content. The DTCP system thus enables generations of control information, where the copy control state of data in a particular location directly affects the next generation copy control state, dependant on the particular copy control in use for the first generation.
- In general, pay television systems, as well as MPEG (ISO/IEC JTC1/SC29/WG11)/DVD have been designed to protect content, while controlling the transport stream and delivering clear uncompressed content for display. (DVD specifications are available on the Internet at ecma:ch. Specific specifications include ECMA-267 (97) 120 mm DVD-Read-Only Disk; ECMA-268 (97) 80 mm DVD-Read-Only Disk; and ECMA-272 (99) 120 DVD Rewriteable Disk (DVD-RAM) also published as ISO-IEC 16824).
- Digital data is particularly valuable in its clear compressed format, as clear compressed digital data can easily be transmitted because of its size. Additionally, every copy of clear compressed digital data is identical. End to end content protection has shown the importance of maintaining the data encrypted until it is being used; see, for example, the discussion in NDS marketing white paper XTV Persistent End-to-End Content Protection (30 Jul. 2002 publication number XT-M164).
- When encrypted video has been decrypted, it still cannot be used until it has been decompressed and decoded. However, other data types are used in the format derived by decryption, with no further processing. For example, related but not limited to television programming, interactive data and metadata (for example program titles) typically require no further processing after decryption. As a result, by “pretending” that video data is not video, it may be possible to fool a system into delivering video in clear compressed format. The video data can then be disseminated rapidly, bypassing all content protection and conditional access schemes.
- Throughout the present specification, various encryption algorithms are referred to. Information on the encryption algorithms referred to can be found in Bruce Schneier, Applied Cryptography, second edition, 1996, John Wiley and Sons; and in Alfred J. Menezes, Paul C. van Oorschot, and Scott A. Vanstone, A Handbook of Applied Cryptography, 1997, CRC Press.
- The disclosures of all references mentioned above and throughout the present specification are hereby incorporated herein by reference.
- Given the shortcomings of the prior art as described above, it is desirable to provide a mechanism that controls whether scrambled compressed content can be used: in clear compressed format; or only after decoding.
- The present invention, in preferred embodiments thereof, seeks to provide an improved mechanism whereby additional security features are added to a video processor. Preferably, the additional security features include headend control which explicitly determines whether the content can be output clear compressed or not. The headend control is enforced in preferred embodiments of the present invention by providing content which is protected by additional encryption and by utilizing an additional decryption element that is only accessible when preparing clear uncompressed content.
- The term “headend” is used throughout the present specification and claims to include any hardware and software used to prepare digital data for distribution; such preparation typically includes encrypting, compressing and multiplexing the digital data.
- The term “data” is used throughout the present specification and claims to include one or more of the following: video; audio; teletext; interactive applications; and metadata. Metadata typically includes one or more of the following: program specific information; service information; electronic program guide information; or any other metadata which might be included in a broadcast stream.
- The term “clear” is used throughout the present specification to refer to a state of data which is neither scrambled nor encrypted. For example, and without limiting the generality of the foregoing, the term “clear compressed data” refers to compressed data which is neither scrambled nor encrypted.
- The term “render” is used, in all of its grammatical forms, throughout the present specification and claims to refer to any appropriate mechanism or method of making content palpable to one or more of the senses. In particular and without limiting the generality of the foregoing, “render” refers not only to display of video content but also to playback of audio content.
- The term “null compression” is used throughout the present specification and claims to mean not compressed.
- There is thus provided in accordance with a preferred embodiment of the present invention a method for protecting digital content including receiving compressed encrypted digital content, determining an output format based, at least in part, on all of the following a user-requested output format, received control information, and a rule determining whether a clear compressed output format is allowed, and producing output from the compressed digital content based on a result of the determining, wherein, if the rule does not allow clear compressed output format, the compressed encrypted digital content is provided in a form which prevents production of clear compressed output in the producing step.
- Further in accordance with a preferred embodiment of the present invention the form which prevents production of clear compressed output includes compressed encrypted digital content, additionally encrypted in accordance with a second encryption method, and the producing includes decrypting in accordance with the second encryption method, and decompressing, and the producing includes an atomic operation.
- Still further in accordance with a preferred embodiment of the present invention the method includes providing an output-producing hardware device, wherein at least the producing is performed in the hardware device.
- Additionally in accordance with a preferred embodiment of the present invention the hardware device is characterized by a device profile, and the determining is also based, at least in part, on the device profile.
- Moreover in accordance with a preferred embodiment of the present invention the determining is also performed in the hardware device.
- Further in accordance with a preferred embodiment of the present invention the hardware device is included in a single integrated circuit.
- Still further in accordance with a preferred embodiment of the present invention the integrated circuit is included in a smart card.
- Additionally in accordance with a preferred embodiment of the present invention the method includes rendering the output sensible to at least one human sense.
- Moreover in accordance with a preferred embodiment of the present invention the rendering includes at least one of the following: audio rendering; visual rendering; and audio/visual rendering.
- Further in accordance with a preferred embodiment of the present invention the compression includes null compression.
- Still further in accordance with a preferred embodiment of the present invention local scrambling is applied to the content.
- Additionally in accordance with a preferred embodiment of the present invention no output is produced.
- There is also provided in accordance with another preferred embodiment of the present invention apparatus for protecting digital content including a digital content receiver receiving compressed encrypted digital content, an output format determination unit determining an output format based, at least in part, on all of the following: a user-requested output format; received control information; and a rule determining whether a clear compressed output format is allowed, and a content output unit producing output from the compressed digital content based on a result produced by the output format determination unit, wherein, if the rule does not allow clear compressed output format, the compressed encrypted digital content is provided to the digital content receiver in a form which prevents production of clear compressed output by the content output unit.
- Further in accordance with a preferred embodiment of the present invention the form which prevents production of clear compressed output includes compressed encrypted digital content, additionally encrypted in accordance with a second encryption method, and the content output unit includes a decrypting unit decrypting in accordance with the second encryption method, and decompressing apparatus, and the content output unit produces output in an atomic operation.
- Still further in accordance with a preferred embodiment of the present invention the apparatus includes an output-producing hardware device, wherein at least the content output unit is included in the hardware device.
- Additionally in accordance with a preferred embodiment of the present invention the hardware device is characterized by a device profile, and the output format determination unit determines the output format based, at least in part, on the device profile.
- Moreover in accordance with a preferred embodiment of the present invention the output format determination unit is also included in the hardware device.
- Further in accordance with a preferred embodiment of the present invention the hardware device is included in a single integrated circuit.
- Still further in accordance with a preferred embodiment of the present invention the integrated circuit is included in a smart card.
- Additionally in accordance with a preferred embodiment of the present invention the apparatus includes a rendering device which renders the output sensible to at least one human sense.
- Moreover in accordance with a preferred embodiment of the present invention the rendering device includes at least one of the following: an audio rendering device; a visual rendering device; and an audio/visual rendering device.
- Further in accordance with a preferred embodiment of the present invention the compression includes null compression.
- Still further in accordance with a preferred embodiment of the present invention local compression is applied to the content.
- Additionally in accordance with a preferred embodiment of the present invention no output is produced.
- There is also provided in accordance with yet another preferred embodiment of the present invention a digital content receiver (DCR) including: a local scrambling descrambler; a broadcast descrambler receiving an output produced by the local scrambling descrambler; a local scrambler, a combined extra encryption algorithm decryptor and decoder/decompressor (XDDC), and a switch operative to provide an output of the broadcast descrambler to exactly one of the local scrambler and the XDDC, wherein the DCR is operative to receive control information and compressed encrypted digital content, and at least the setting of the switch is determined, at least in part, by the control information, and the DCR is operative to produce an output based on all of the following: the compressed digital content; a user-requested output format; the received control information; and a rule determining whether a clear compressed output format is allowed, and if the rule does not allow clear compressed output format, the compressed encrypted digital content is provided to the DCR in a form which prevents production of clear compressed output as the output of the DCR.
- Further in accordance with a preferred embodiment of the present invention the local scrambling descrambler is operative to perform exactly one of the following operations based, at least in part, on the received control information: receive an input and produce an output substantially identical to the received input; and receive an input, and perform descrambling on the received input, thereby producing an output.
- Still further in accordance with a preferred embodiment of the present invention the local scrambler is operative to perform exactly one of the following operations based, at least in part, on the received control information receive an input and produce an output substantially identical to the received input, and receive an input and perform local scrambling on the received input, thereby producing an output.
- Additionally in accordance with a preferred embodiment of the present invention the DCR includes an output-producing hardware device, wherein at least the content output unit is included in the hardware device.
- Moreover in accordance with a preferred embodiment of the present invention the hardware device is included in a single integrated circuit.
- Further in accordance with a preferred embodiment of the present invention the integrated circuit is included in a smart card.
- Still further in accordance with a preferred embodiment of the present invention the DCR includes a rendering device which renders the output sensible to at least one human sense.
- Additionally in accordance with a preferred embodiment of the present invention the rendering device includes at least one of the following an audio rendering device, a visual rendering device, and an audio/visual rendering device.
- Moreover in accordance with a preferred embodiment of the present invention the XDDC is operative, based, at least in part, on the received control information, to receive an input, and descramble and decode the received input in an atomic operation, thereby producing an output.
- There is also provided in accordance with yet another preferred embodiment of the present invention a content-protected personal video recorder (PVR) including a DCR, and a PVR unit including PVR storage media, the PVR unit receiving the output produced by the DCR.
- Further in accordance with a preferred embodiment of the present invention the PVR unit is operative to store the received output on the PVR storage media.
- Still further in accordance with a preferred embodiment of the present invention the output produced by the DCR includes locally scrambled output.
- Additionally in accordance with a preferred embodiment of the present invention the PVR unit is operative to retrieve the stored output from the PVR storage media.
- Moreover in accordance with a preferred embodiment of the present invention the output retrieved by the PVR includes locally scrambled output.
- Further in accordance with a preferred embodiment of the present invention the DCR performs at least one of the following on the locally scrambled output retrieved by the PVR decryption, and decompression.
- Still further in accordance with a preferred embodiment of the present invention the PVR unit is operative to store received XEA encrypted output on the PVR storage media.
- Additionally in accordance with a preferred embodiment of the present invention the output produced by the DCR includes XEA encrypted output.
- Moreover in accordance with a preferred embodiment of the present invention the PVR unit is operative to retrieve the stored XEA encrypted output from the PVR storage media.
- Further in accordance with a preferred embodiment of the present invention the output retrieved by the PVR includes XEA encrypted output.
- Still further in accordance with a preferred embodiment of the present invention the DCR performs, as an atomic operation, decryption and decompression on the XEA encrypted output retrieved by the PVR.
- There is also provided in accordance with yet another preferred embodiment of the present invention a content-protected television system including a DCR, and a television unit, the television unit receiving the output produced by the DCR.
- Further in accordance with a preferred embodiment of the present invention the television unit includes an analog television unit.
- Still further in accordance with a preferred embodiment of the present invention the television unit includes a digital television unit.
- The present invention will be understood and appreciated more fully from the following detailed description, taken in conjunction with the drawings in which:
-
FIG. 1 is a generalized block diagram illustration of a clear compressed content control system constructed and operative in accordance with a preferred embodiment of the present invention; -
FIG. 2A is a generalized block diagram illustration of a system for producing scrambled compressed digital content, useful for understanding the operation of the system ofFIG. 1 ; -
FIG. 2B is a generalized block diagram illustration of an alternative system for producing scrambled compressed digital content, useful for understanding the operation of the system ofFIG. 1 ; -
FIG. 3 is a generalized block diagram illustration of a preferred implementation of the system ofFIG. 1 , illustrating an implementation in which output is stored in a PVR; -
FIG. 4 is a generalized block diagram illustration of an alternative preferred implementation of the system ofFIG. 1 , illustrating an implementation in which output comprises compressed content; -
FIG. 5 is a generalized block diagram illustration of another alternative preferred implementation of the system ofFIG. 1 , illustrating an implementation in which output is displayed on an analog television; -
FIG. 6A is a generalized block diagram illustration of yet another alternative preferred implementation of the system ofFIG. 1 , illustrating an implementation in which output is not useable; -
FIG. 6B is a generalized block diagram illustration of a preferred embodiment of control information, useful for understandingFIG. 6A ; -
FIG. 7 is a generalized block diagram illustration of another alternative preferred implementation of the system ofFIG. 1 , illustrating an implementation in which output is displayed on a digital television; -
FIG. 8 is a generalized block diagram illustration of yet another alternative preferred implementation of the system ofFIG. 1 , illustrating another implementation in which output is stored in a PVR; -
FIG. 9 is a generalized block diagram illustration of still another alternative preferred implementation of the system ofFIG. 1 , illustrating another implementation in which output is displayed on a digital television; -
FIG. 10 is a generalized block diagram illustration of another alternative preferred implementation of the system ofFIG. 1 , illustrating another implementation in which output is displayed on an analog television; -
FIG. 11 is a generalized block diagram illustration of a mode of operation of the system ofFIG. 1 , illustrating a mode in which compressed encrypted content is output; -
FIG. 12 is a generalized block diagram illustration of an alternative mode of operation of the system ofFIG. 1 , illustrating a mode in which clear uncompressed content is output; -
FIG. 13 is a generalized block diagram illustration of an alternative mode of operation of the system ofFIG. 1 , illustrating a mode in which clear compressed content is output; -
FIG. 14 is a generalized block diagram illustration of an yet another alternative mode of operation of the system ofFIG. 1 , illustrating a mode in which no output is to be produced; -
FIG. 15 is a generalized block diagram illustration of an still another alternative mode of operation of the system ofFIG. 1 , illustrating a mode in which clear compressed content is attempted to be output but no output is allowed; and -
FIG. 16 is a simplified flowchart illustration of a preferred method of operation of the system ofFIG. 1 . - Reference is now made to
FIG. 1 , which is a generalized block diagram illustration of a clear compressed content control system constructed and operative in accordance with a preferred embodiment of the present invention. - The system of
FIG. 1 comprises a digital content receiver (DCR) 5. TheDCR 5 is preferably operative to receive scrambled compressed digital content and to produce therefrom one or more types of output in accordance with content control rules, as will be described in more detail below. Persons skilled in the art will appreciate that theDCR 5 may comprise a single integrated circuit. Persons skilled in the art will further appreciate that the circuit described in this specification need not be embedded in fixed hardware; rather, all or part of the circuit described may be embedded in a removable security element, such as a smart card. - Reference is now additionally made to
FIG. 2A , which is a generalized block diagram illustration of a system for producing scrambled compressed digital content, useful for understanding operation of the system ofFIG. 1 . The system ofFIG. 2A is provided by way of example only and is not meant to be limiting. - In the system illustrated in
FIG. 2A ,clear content 10, typically comprising clear digital content, is input. Acompression device 20 compresses theclear content 10, using any appropriate compression method, such as MPEG-2 or MPEG-4, as is well known in the art, to produce compressed cleardigital content 30. - The compressed clear
digital content 30 is input to abroadcast scrambler 40, which, using encryption methods known in the art, produces therefrom scrambled compresseddigital content 50. Non-limiting examples of such encryption methods include DVB (refer to standard ETSI EN 301 192), DES, and 3DES (both DES and 3DES are described in Applied Cryptography, referred to above, at pp. 265-301). - Reference is now additionally made to
FIG. 2B , which is a generalized block diagram illustration of an alternative system for producing scrambled compressed digital content, useful for understanding operation of the system ofFIG. 1 . The system ofFIG. 2B is provided by way of example only and is not meant to be limiting. - The system of
FIG. 2B is preferably similar to the system ofFIG. 2A , and additionally comprises apparatus for implementing an “extra” encryption algorithm (XEA). Nonlimiting examples of encryption schemes usable for XEA, which schemes are well known in the art, preferably include Diffie-Hellman (described in Applied Cryptography, referred to above, at pp. 513-516) and El-Gamal (refer to Applied Cryptography pgs. 532-533). - In the system illustrated in
FIG. 2B ,clear content 10, typically comprising clear digital content, is received: Acompression device 20 compresses theclear content 10, using any appropriate compression method, as is well known in the art, to produce compressed cleardigital content 30. - The compressed clear
digital content 30 is received by anXEA scrambler 240, which produces therefrom XEA scrambled compresseddigital content 230. - The XEA scrambled compressed
digital content 230 is input to thebroadcast scrambler 40. Thebroadcast scrambler 40 produces therefrom broadcast scrambled XEA scrambled compresseddigital content 250 using encryption methods similar to those described above with reference toFIG. 2A . - Referring back to
FIG. 1 , theDCR 5 preferably comprises the following components, each of which is typically implemented in either hardware, software, or a combination thereof: - 1. A descrambler, shown in
FIG. 1 by way of example only as alocal scrambling descrambler 100. It is appreciated that the type ofdescrambler 100 provided in the system ofFIG. 1 is chosen to correspond to a type of scrambling used to scramble content intended for theDCR 5. Examples of local scrambling would include, but not be limited to, such well known algorithms as AES (FIPS-197, described in csrc.nist.gov/publications/fips/fips197/fips-197.pdf), skipjack (FIPS-185, described in csrc.nist.gov/encryption/skipjack/skipjack.pdf), blowfish (described in Applied Cryptography, referred to above, at pp. 336-339), RC5 (described in Applied Cryptography, referred to above, at pp. 344-346), IDEA (described in Applied Cryptography, referred to above, at pp. 319-325), two fish (described on the Internet at www.counterpane.com/twofish.html), DEAL (described on the Internet at www RC6 (described on the Internet at theory.lcs.mit.edu/˜rivest/rc6.ps), serpent (described on the Internet at www.cl.cam.ac.uk/˜rja14/serpent.html), RC4 (described in Applied Cryptography, referred to above, at pp. 397-398), and SEAL (described in Applied Cryptography, referred to above, at pp. 398-400). - 2. A
broadcast descrambler 110, which is preferably operatively associated with thelocal scrambling descrambler 100. Thebroadcast descrambler 110 is preferably operative to receive the output produced by thelocal scrambling descrambler 100 and to perform broadcast descrambling thereon. - 3. A
local scrambler 120, which is preferably operatively associated with thebroadcast descrambler 110 via aswitch 140. When theswitch 140 is set to send output from thebroadcast descrambler 110 to thelocal scrambler 120, thelocal scrambler 120 is preferably operative to receive said output and to perform local scrambling thereon. It is appreciated that, depending on the information in thecontrol information 160, thelocal scrambler 120 may alternatively take no scrambling action; in such a case thelocal scrambler 120 preferably produces output substantially identical to the input received by thelocal scrambler 120. - 4. A combined XEA decryptor and decode/decompressor (XDDC) 130, which is also preferably operatively associated with the
broadcast descrambler 110 via theswitch 140. When theswitch 140 is set to send output from thebroadcast descrambler 110 to theXDDC 130, theXDDC 130 is preferably operative to receive said output and to perform both XEA decryption and decoding/decompression thereon. - The attribute of operations being able to be performed only together, and not separately, is referred to in the present specification and claims as an “atomic operation”.
- For example, decryption and decoding/decompression in the
XDDC 130 comprise an atomic operation. TheXDDC 130 is designed in such a way that theXDDC 130 must perform decoding and decompressing together. TheXDDC 130 will not perform decoding alone, nor will the XDDC perform decompressing alone. Anti-tamper techniques, which are well known in the art, are preferably used to ensure the integrity of theXDDC 130. - The term “XEA”, as used throughout the present specification and claims refers to any appropriate encryption scheme. Nonlimiting examples of encryption schemes usable for XEA might preferably include Diffie-Hellman and El-Gamal. The key (also referred to herein as a “control word”) for XEA is preferably provided by a conditional access system broadcasting an entitlement control message, as is known in the art. A device (not shown in
FIG. 1 ) such as a set-top box or PVR, in which theDCR 5 may preferably be comprised, receives the entitlement control message. Using techniques known in the art, the device (not shown inFIG. 1 ) derives the control word from the entitlement control message and provides the control word to theDCR 5. - 5. A plurality of switches, shown in
FIG. 1 as thefirst switch 140 and thesecond switch 150 described above. As will be described in more detail below, the plurality of switches preferably also includes other switches (not shown inFIG. 1 ). Each of the plurality of switches is preferably set in accordance withcontrol information 160 received by theDCR 5. Thecontrol information 160 is preferably determined, at least in part, by an owner or controller (not shown) of digital content (not shown inFIG. 1 ) sent to theDCR 5. In some preferred embodiments of the present invention, thecontrol information 160 is also preferably determined, at least in part, based on input of a user of theDCR 5, requesting to make use of the digital content in a particular way. In some preferred embodiments of the present invention, thecontrol information 160 is also preferably determined, at least in part, based on receiver policy. Thecontrol information 160 and the manner in which the plurality of switches are preferably set are described in more detail below. - It is appreciated that, depending on the information contained in the
control information 160 and the scrambling state of the content, each of thelocal scrambling descrambler 100; thebroadcast descrambler 110; thelocal scrambler 120; and theXDDC 130 in the system ofFIG. 1 may be either preferably operational or non-operational. For example, and without limiting the generality of the foregoing, thelocal scrambling descrambler 100 may or may not perform local scrambling descrambling. Another non-limiting example would be that thelocal scrambler 120 may or may not perform local scrambling. It is appreciated that if any one or more of thelocal scrambling descrambler 100; thebroadcast descrambler 110; thelocal scrambler 120; and theXDDC 130 are non-operational, data input into the non-operational element would be passed substantially unchanged as the output thereof. - Persons skilled in the art will appreciate that the
DCR 5 also preferably comprises other components (not shown), which typically comprise conventional components well known in the art of content receivers. Non-limiting examples of such components include tuners, demultiplexers, and digital-to-analog converters. - The operation of the system of
FIG. 1 is now briefly described. - Various modes of operation of the system of
FIG. 1 are determined based on thecontrol information 160 received by theDCR 5. Preferably, upon receiving a new item of digital content, thefirst switch 140 is set to 0 and thesecond switch 150 is set to 1, preventing any output from being produced by theDCR 5; this is intended to guarantee that output based on any particular item of digital content is controlled only on the basis ofcontrol information 160 associated with that item of digital content. - Persons skilled in the art will appreciate, as discussed above, that digital data is particularly valuable in its clear compressed format because a recipient without authorization can easily use clear compressed digital data. Furthermore, digital data in its clear compressed format is easily transmitted. Therefore, it is an object of the present invention, in certain preferred embodiments thereof, to prevent the output of clear compressed content when the
control information 160 does not permit such output. - The following discussion, beginning with the description of
FIG. 3 and until the end of the description ofFIG. 10 , relates to various implementations of systems comprising the DCR 5: Detailed description of theDCR 5 resumes with the description ofFIG. 11 . InFIGS. 3-10 and in the descriptions ofFIGS. 3-10 , in many cases, for ease of depiction and description, details of theDCR 5 are omitted. - Reference is now made to
FIG. 3 , which is a generalized block diagram illustration of a preferred implementation of the system ofFIG. 1 . In the system ofFIG. 3 , broadcast scrambled, XEA scrambledcompressed content 250 is received as input by adevice 310, comprising theDCR 5. Non-limiting examples of such thedevice 310 would be a set-top box (STB) or personal video recorder (PVR). In the implementation ofFIG. 3 , and based on thecontrol information 160, the broadcast scrambled, XEA scrambledcompressed content 250 bypasses theDCR 5 in order to be output as broadcast scrambled, XEA scrambledcompressed content 250 to storage media (not shown inFIG. 3 ) comprised in aPVR 320. Persons skilled in the art will appreciate that thePVR 320 may comprise the same unit or may share components with theDCR 5, and is shown as a separate unit inFIG. 3 for illustrative purposes only. - Reference is now made to
FIG. 4 , which is a generalized block diagram illustration of an alternative preferred implementation of the system ofFIG. 1 . In the system ofFIG. 4 , in accordance with receivedcontrol information 160, broadcast scrambledcontent 50 is input into adevice 310, comprising theDCR 5. Non-limiting examples of thedevice 310 would be a STB or PVR. In the implementation ofFIG. 4 , and based on thecontrol information 160, the broadcast scrambledcontent 50 is input to thebroadcast descrambler 110, producing compressed cleardigital content 30. The compressed cleardigital content 30 is output from the system. Persons skilled in the art will appreciate that the implementation ofFIG. 4 is useful when the broadcast scrambledcontent 50 comprises interactive television data and does not comprise valuable video content. - Reference is now made to
FIG. 5 , which is a generalized block diagram illustration of another alternative preferred implementation of the system ofFIG. 1 . In the system ofFIG. 5 , in accordance with receivedcontrol information 160, broadcast scrambled, XEA scrambledcompressed content 250 is input into thedevice 310, comprising theDCR 5. Non-limiting examples of thedevice 310 would be a STB or PVR. In the implementation ofFIG. 5 , and based on thecontrol information 160, the broadcast scrambled content, XEA scrambledcompressed content 250 is input to thebroadcast descrambler 110, producing XEA scrambledcompressed content 230. - The XEA scrambled
compressed content 230 is then input into theXDDC 130, which, in an atomic operation, producesclear content 10. Theclear content 10 thus produced is input into ananalog television 510 for viewing. - Reference is now made to
FIG. 6A , which is generalized block diagram illustration of another alternative preferred implementation of the system ofFIG. 1 . In the system ofFIG. 6A , in accordance with receivedcontrol information 160, broadcast scrambled, XEA scrambledcompressed content 250 is input into thedevice 310 preferably comprising theDCR 5. Non-limiting examples of thedevice 310 would be a STB or PVR. Reference is now additionally made toFIG. 6B which is a generalized illustration of several elements which are preferably comprised incontrol information 160, useful for understandingFIG. 6A .Control information 160 preferably comprises: an owner orcontroller usage rule 610; adigital receiver policy 620; anduser input 630. - In the implementation of
FIG. 6A , at least one element of the owner orcontroller usage rule 610, and/or thedigital receiver policy 620 prohibit decryption. In the implementation ofFIG. 6A , the user attempts to useuser input 630 of thecontrol information 160 in order to override the decryption prohibition resulting from the combination of owner orcontroller usage rule 610 and thedigital receiver policy 620. - In the implementation of
FIG. 6A , and based on thecontrol information 160, the broadcast scrambledcontent 250 is input to thebroadcast descrambler 110, producing XEA scrambledcompressed content 230. In the absence of any further control information, the XEA scrambledcompressed content 230 output is not decrypted. - Lacking decryption, and in the absence of another means of performing XEA decryption, the XEA scrambled
compressed content 230 output is rendered effectively useless. - Reference is now made to
FIG. 7 , which is a generalized block diagram illustration of another alternative preferred implementation of the system ofFIG. 1 . In the system ofFIG. 7 , in accordance with receivedcontrol information 160, broadcast scrambled, XEA scrambledcompressed content 250 is input into thedevice 310 comprising theDCR 5. Non-limiting examples of thedevice 310 would be a STB or PVR. In the implementation ofFIG. 7 , and based on thecontrol information 160, the broadcast scrambled, XEA scrambledcompressed content 250 is input to thebroadcast descrambler 110, producing XEA scrambledcompressed content 230. - The XEA scrambled
compressed content 230 is input into thelocal scrambler 120 which outputs local scrambled, XEA scrambledcompressed content 710. The local scrambled, XEA scrambledcompressed content 710 is output by thedevice 310 and input into adigital television 720. - Within the
digital television 720, in accordance with secondgeneration control information 860, the local scrambled, XEA scrambledcompressed content 710 is input into thelocal scrambling descrambler 730, producing XEA scrambledcompressed content 230. The XEA scrambledcompressed content 230 is input into theXDDC 130, which in an atomic operation producesclear content 10, suitable for viewing. - With reference to the second
generation control information 860, it is appreciated that in all cases where there iscontrol information 160 and secondgeneration control information 860, theoriginal control information 160 is preferably reflected in the secondgeneration control information 860. Non-limiting examples of firstgeneration control information 160 being reflected in secondgeneration control information 860 would be, as discussed above, the DTCP specification basic copy states. A specific non-limiting example of the operation of first and second generation control information would be where firstgeneration control information 160 allows copy once; in such a case, the secondgeneration control information 860 for the copy would allow no further copying. Another specific non-limiting example would be where the firstgeneration control information 160 allows copy freely; the secondgeneration control information 860 would also allow copy freely. - Reference is now made to
FIG. 8 , which is a generalized block diagram illustration of another alternative preferred implementation of the system ofFIG. 1 . In the system ofFIG. 8 , in accordance with receivedcontrol information 160, broadcast scrambled, XEA scrambledcompressed content 250 is input into thedevice 310 comprising aDCR 5. A non-limiting example of thedevice 310 would be a STB or PVR. In the implementation ofFIG. 8 , and based on thecontrol information 160, the broadcast scrambled, XEA scrambledcompressed content 250 is input to thebroadcast descrambler 110. - In accordance with the
control information 160, thebroadcast descrambler 110 takes no action. It is appreciated that thebroadcast scrambler 110 preferably comprises an internal switch (not shown), which, based on thecontrol information 160, is set to take no action. The broadcast scrambled, XEA scrambledcompressed content 250 is input to thelocal scrambler 120. Thelocal scrambler 120 outputs locally scrambled broadcast scrambled XEA scrambledcompressed content 810. The locally scrambled broadcast scrambled XEA scrambledcompressed content 810 is then output to aPVR 820. Persons skilled in the art will appreciate that thePVR 820 may comprise the same unit or may share components with thedevice 310, and is shown as a separate unit inFIG. 8 for illustrative purposes only. Should thePVR 820 comprise the same unit as thedevice 310, it is appreciated that the locally scrambled, broadcast scrambled, XEA scrambledcompressed content 810 would preferably comprise locally scrambled, broadcast scrambled, XEA scrambledcompressed content 850. - The locally scrambled, broadcast scrambled, XEA scrambled
compressed content 810 is then input into alocal scrambling descrambler 830, producing broadcast scrambled, XEA scrambledcompressed content 250. The broadcast scrambled, XEA scrambledcompressed content 250 is input into abroadcast descrambler 110. - In accordance with the second
generation control information 860, thebroadcast descrambler 110 takes no action, and the broadcast scrambled, XEA scrambledcompressed content 250 is input to thelocal scrambler 120. Persons skilled in the art will appreciate that the secondgeneration control information 860 preferably differs from thecontrol information 160, as explained above in reference toFIG. 7 . Thelocal scrambler 120 outputs locally scrambled, broadcast scrambled, XEA scrambledcompressed content 850. The locally scrambled, broadcast scrambled, XEA scrambledcompressed content 850 is then stored on aPVR storage disk 840. The locally scrambled, broadcast scrambled, XEA scrambledcompressed content 850 preferably differs from the locally scrambled, broadcast scrambled, XEA scrambledcompressed content 810 in that a different control word is preferably used in local scrambling. - With reference to the second
generation control information 860, it is appreciated that in all cases where there iscontrol information 160 and a second generation ofcontrol information 860, theoriginal control information 160 is preferably reflected in the second generation ofcontrol information 860, as described above more fully with reference toFIG. 7 . - Reference is now made to
FIG. 9 , which is a generalized block diagram illustration of another alternative preferred implementation of the system ofFIG. 1 . In the system ofFIG. 9 , in accordance with receivedcontrol information 160, broadcast scrambled, XEA scrambledcompressed content 250 is input into thedevice 310 comprising aDCR 5. A non-limiting example of thedevice 310 would be a STB or PVR. In the implementation ofFIG. 9 , and based on thecontrol information 160, the broadcast scrambled, XEA scrambledcompressed content 250 is input to thebroadcast descrambler 110. - In accordance with the
control information 160, thebroadcast descrambler 110 takes no action, and the broadcast scrambled, XEA scrambledcompressed content 250 is input to thelocal scrambler 120. Thelocal scrambler 120 outputs locally scrambled, broadcast scrambled, XEA scrambledcompressed content 810. The locally scrambled, broadcast scrambled, XEA scrambledcompressed content 810 is then output to aPVR 820. Persons skilled in the art will appreciate that thePVR 820 may be comprised in thedevice 310, or may reside externally thereto, as illustrated inFIG. 9 . Should thePVR 820 comprise the same unit as the STB orPVR 310, it is appreciated that the broadcast scrambled, XEA scrambledcompressed content 250 is input into thebroadcast descrambler 110, producing XEA scrambled, compressedencrypted content 230. The XEA scrambled, compressedencrypted content 230 is then input directly into thelocal scrambler 120, producing locally scrambled, XEA scrambledcompressed content 710, as described below. - In accordance with second
generation control information 860, the locally scrambled, broadcast scrambled, XEA scrambledcompressed content 810 is then input into alocal scrambling descrambler 830, producing broadcast scrambled, XEA scrambledcompressed content 250. The broadcast scrambled, XEA scrambledcompressed content 250 is input into abroadcast descrambler 110. - With reference to the second
generation control information 860, it is appreciated that in all cases where there iscontrol information 160 and a second generation ofcontrol information 860, theoriginal control information 160 is preferably reflected in the second generation ofcontrol information 860, as described above more fully with reference toFIG. 7 . - The
broadcast descrambler 110 outputs XEA scrambledcompressed content 230, which is input into alocal scrambler 120. Thelocal scrambler 120 produces locally scrambled, XEA scrambledcompressed content 710 which is input into adigital television 720. - Within the
digital television 720 the locally scrambled, XEA scrambledcompressed content 710 is input into alocal scrambling descrambler 730, producing XEAcompressed content 230. The XEA compressedcontent 230 is input into theXDDC 130, which performs an atomic operation producingclear content 10 suitable for viewing. - Reference is now made to
FIG. 10 , which is a generalized block diagram illustration of another alternative preferred implementation of the system ofFIG. 1 . In the system ofFIG. 10 , in accordance with receivedcontrol information 160, broadcast scrambled, XEA scrambledcompressed content 250 is input into adevice 310, comprising theDCR 5. Non-limiting examples of thedevice 310 would be a STB or PVR. In the implementation ofFIG. 10 , and based on thecontrol information 160, the broadcast scrambled, XEA scrambledcompressed content 250 is input to thebroadcast descrambler 110. - In accordance with the
control information 160, thebroadcast descrambler 110 takes no action, and the broadcast scrambled, XEA scrambledcompressed content 250 is input to thelocal scrambler 120. Thelocal scrambler 120 outputs locally scrambled, broadcast scrambled, XEA scrambledcompressed content 810. The locally scrambled, broadcast scrambled, XEA scrambledcompressed content 810 is then output to aPVR 820. Persons skilled in the art will appreciate that thePVR 820 may comprise the same unit or may share components with thedevice 310, and is shown as a separate unit inFIG. 10 for illustrative purposes only. - In accordance with second
generation control information 860, the locally scrambled, broadcast scrambled, XEA scrambledcompressed content 810 is then input into anlocal scrambling descrambler 830, producing broadcast scrambled, XEA scrambledcompressed content 250. The broadcast scrambled, XEA scrambledcompressed content 250 is input into abroadcast descrambler 110. - With reference to the second
generation control information 860, it is appreciated that in all cases where there iscontrol information 160 and a second generation ofcontrol information 860, theoriginal control information 160 is preferably reflected in the second generation ofcontrol information 860, as described above more fully with reference toFIG. 7 . - The
broadcast descrambler 110 outputs XEA scrambledcompressed content 230 which is input into theXDDC 130. TheXDDC 130 performs an atomic operation outputtingclear content 10, suitable for viewing on ananalog television 510. - Referring back to
FIG. 1 , one skilled in the art will appreciate that the preferred modes of operation of the system ofFIG. 1 comprise the following modes: - A. Permitted Modes
- The term “permitted modes”, as used herein, refers to modes of operation of the system of
FIG. 1 , which are permitted by the owner or controller of the item of digital content received by theDCR 5. -
- I. Compressed encrypted content is to be output.
- II. Clear uncompressed content is to be output.
- III. Clear compressed content is to be output.
- B. Default Mode, in the Absence of any Control Information
-
- IV. No output is to be produced.
- C. Forbidden Mode
-
- V. Clear compressed content is attempted to be output, not in accordance with the
control information 160.
- V. Clear compressed content is attempted to be output, not in accordance with the
- Preferred modes of operation of the system of
FIG. 1 , in accordance with each of modes I-V, are now described in greater detail. - I. Compressed Encrypted Content is to be Output.
- Reference is now additionally made to
FIG. 11 , which is a generalized block diagram illustration of the system ofFIG. 1 , illustrating a mode in which compressed encrypted content is output. - In the mode of operation shown in
FIG. 11 , locally scrambled, broadcast scrambled, compressedcontent 70 is input to theDCR 5. The broadcast scrambled, compressedcontent 70 is descrambled by thelocal scrambler descrambler 100 producing broadcast scrambled, compressedcontent 50. - The broadcast scrambled, compressed
content 50 is descrambled by thebroadcast descrambler 110, producing compressed cleardigital content 30. - The
first switch 140 is set in accordance with thecontrol information 160 received by theDCR 5 to output compressed cleardigital content 30 to thelocal scrambler 120. Thelocal scrambler 120 scrambles the compressed cleardigital content 30, producing compressed locally scrambledoutput 310. - The
second switch 150 is set in accordance withcontrol information 160 received by theDCR 5 to allow output of the compressed locally scrambledoutput 310. - It is appreciated that there exist in the mode of operation shown in
FIG. 11 possible alternative inputs to theDCR 5. Inputs not depicted include: locally scrambled compressed content and broadcast scrambled compressed content. In the cases of locally scrambled compressed content and broadcast scrambled compressed content, in accordance with thecontrol information 160, similarly to the case where locally scrambled, broadcast scrambled, compressedcontent 70 is input, the mode of operation shown inFIG. 11 produces compressed locally scrambledoutput 310. - II. Clear Uncompressed Content is to be Output.
- Reference is now additionally made to
FIG. 12 , which is a generalized block diagram illustration of the system ofFIG. 1 , illustrating a mode in which clear uncompressed content is to be output. - In the mode of operation in
FIG. 12 , locally scrambled, broadcast scrambled, XEA scrambledcompressed content 270 is input to theDCR 5. The locally scrambled, broadcast scrambled, XEA scrambledcompressed content 270 is descrambled by thelocal scrambling descrambler 100 producing broadcast scrambled, XEA scrambledcompressed content 250. - The broadcast scrambled, XEA scrambled
compressed content 250 is descrambled by thebroadcast descrambler 110, producing XEA scrambledcompressed content 230. - The
first switch 140 is set in accordance withcontrol information 160 received by theDCR 5 to output the XEA scrambledcompressed content 230 to theXDDC 130. - The XEA scrambled
compressed content 230 is XEA decrypted and decompressed by theXDDC 130, which performs an atomic operation producing uncompressedclear content 10. - The
second switch 150 is not relevant to the operation of producing uncompressedclear content 10; therefore, the setting of thesecond switch 150 is preferably not changed from the default position thereof. - It is appreciated that there exist in the mode of operation shown in
FIG. 12 possible alternative inputs to theDCR 5. Inputs not depicted include: locally scrambled XEA scrambled compressed content and broadcast scrambled XEA scrambled compressed content. In the cases of locally scrambled XEA scrambled compressed content and broadcast scrambled XEA scrambled compressed content, in accordance with thecontrol information 160, similarly to the case where locally scrambled, broadcast scrambled, XEA scrambledcompressed content 270 is input, the mode of operation shown inFIG. 12 produces uncompressedclear content 10. - III. Clear Compressed Content is to be Output.
- Reference is now additionally made to
FIG. 13 , which is a generalized block diagram illustration of the system ofFIG. 1 , illustrating a mode in which clear compressed content is to be output. - In the mode of operation in
FIG. 13 , locally scrambled, broadcast scrambled, compressedcontent 70 is input to theDCR 5. The locally scrambled, broadcast scrambled, compressedcontent 70 is descrambled by thelocal scrambling descrambler 100 producing broadcast scrambled, compressedcontent 50. - The broadcast scrambled, compressed
content 50 is descrambled by thebroadcast descrambler 110, producing compressed cleardigital content 30. - The
first switch 140 is set in accordance withcontrol information 160 received by theDCR 5 to output compressed cleardigital content 30 to thelocal scrambler 120. In accordance withcontrol information 160 received by theDCR 5 and intended for thelocal scrambler 120, thelocal scrambler 120 does not scramble the compressed cleardigital content 30; thelocal scrambler 120 preferably passes the received input as its output with no change. It is appreciated that thelocal scrambler 120 preferably comprises an internal switch (not shown), which in the present implementation is set to take no action. - The
second switch 150 is set in accordance withcontrol information 160 received by theDCR 5 to allow output of the compressed cleardigital content 30. - It is appreciated that there exist in the mode of operation shown in
FIG. 13 possible alternative inputs to theDCR 5. Inputs not depicted include: locally scrambled compressed content and broadcast scrambled compressed content. In the cases of locally scrambled compressed content and broadcast scrambled compressed content, in accordance with thecontrol information 160, similarly to the case where locally scrambled, broadcast scrambled, compressedcontent 70 is input, the mode of operation shown inFIG. 13 produces compressed cleardigital content 30. - IV. No Output is to be Produced.
- Reference is now additionally made to
FIG. 14 , which is a generalized block diagram illustration of the system ofFIG. 1 , illustrating a mode in which no output is to be produced. - In the mode of operation in
FIG. 14 , locally scrambled, broadcast scrambled, compressedcontent 70 is input to theDCR 5. The locally scrambled, broadcast scrambled, compressedcontent 70 is descrambled by thelocal scrambling descrambler 100 producing broadcast scrambled, compressedcontent 50. - In the absence of
valid control information 160 the broadcast scrambled, compressedcontent 50 is not descrambled by thebroadcast descrambler 110, and is thus useless. Alternatively, if thecontrol information 160 mandates local scrambling, thelocal scrambler 120 scrambles the broadcast scrambled, compressedcontent 50 producing locally scrambled, broadcast scrambled,compressed content 310. - It is appreciated that there exist in the mode of operation shown in
FIG. 14 possible alternative inputs to theDCR 5. Inputs not depicted include: locally scrambled compressed content and broadcast scrambled compressed content. In the case of locally scrambled compressed content and broadcast scrambled compressed content, in the absence ofvalid control information 160, similarly to the case where locally scrambled, broadcast scrambled, compressedcontent 70 is input, the mode of operation shown inFIG. 14 produces no useful output. - V. Clear Compressed Content is Attempted to be Output, not in Accordance with the
Control Information 160. - Reference is now additionally made to
FIG. 15 , which is a generalized block diagram illustration of the system ofFIG. 1 , illustrating a mode in which clear compressed content is attempted to be output, not in accordance with thecontrol information 160. It is appreciated thatsubstitute control information 1560 is input to theDCR 5 by a person attempting to produce output not in accordance withcontrol information 160. - In the mode of operation in
FIG. 15 , locally scrambled, broadcast scrambled, XEA scrambled,compressed content 270 is input to theDCR 5. The locally scrambled, broadcast scrambled, XEA scrambled,compressed content 270 is descrambled by thelocal scrambling descrambler 100, which outputs broadcast scrambled, XEA scrambled,compressed content 250. - The broadcast scrambled, XEA scrambled,
compressed content 250 is descrambled by thebroadcast descrambler 110, producing XEA scrambled,compressed content 230. - The
first switch 140 is set in accordance withsubstitute control information 1560 received by theDCR 5 to output XEA scrambled,compressed content 230 to thelocal scrambler 120. In accordance with thesubstitute control information 1560 received by theDCR 5 and directed to thelocal scrambler 120, the XEA scrambled,compressed content 230 bypasses thelocal scrambler 120. Thelocal scrambler 120 thereby preferably outputs XEA scrambled,compressed content 230. Thesecond switch 150, in the presence ofsubstitute control information 1560 is set to 0, so that theDCR 5 outputs XEA scrambled,compressed content 230. However, the XEA scrambled, compressedencrypted content 230 is unusable because it bypassed theXDDC 130, and the XEA encryption was never removed. - Thus, the attempt to spoof the system of
FIG. 15 by providingsubstitute control information 1560 is rendered futile. - It is appreciated that there exist in the mode of operation shown in
FIG. 15 possible alternative inputs to theDCR 5. Inputs not depicted include: locally scrambled compressed content and broadcast scrambled compressed content. In the case of locally scrambled compressed content and broadcast scrambled compressed content, in accordance with thecontrol information 160, similarly to the case where locally scrambled, broadcast scrambled, compressedcontent 70 is input, the mode of operation shown inFIG. 15 produces useless compressedencrypted output 230. - Reference is now made to
FIG. 16 , which is a simplified flowchart illustration of a preferred method of operation of the system ofFIG. 1 . The method ofFIG. 16 preferably comprises the following steps: - Compressed digital content is received (step 810). If the rule referred to below in
step 820 does not allow a clear compressed output format, the compressed encrypted digital content is provided in a form which prevents production of clear compressed output as explained below instep 830. For example, and without limiting the generality of the foregoing, if the rule does not allow clear compressed output, the compressed encrypted digital content is provided as XEA encrypted content, as described above in reference toFIG. 15 . - An output format for the compressed digital content is determined, the output format being based, at least in part, on all of the following: a user-requested output format; received control information; and a rule determining whether a clear compressed output format is allowed (step 820).
- Output is produced from the compressed digital content based on a result of step 820 (step 830). If the control information that does not permit clear compressed output has been replaced by unauthorized control information that permits clear compressed output, then the result of attempting to produce clear compressed will not be usable, as described above with reference to
FIG. 15 . - It is appreciated that various features of the invention which are, for clarity, described in the contexts of separate embodiments may also be provided in combination in a single embodiment. Conversely, various features of the invention which are, for brevity, described in the context of a single embodiment may also be provided separately or in any suitable subcombination.
- It will be appreciated by persons skilled in the art that the present invention is not limited by what has been particularly shown and described hereinabove. Rather the scope of the invention is defined only by the claims which follow:
Claims (21)
1-47. (canceled)
48. A method for protecting digital content, the method comprising:
receiving compressed encrypted digital content;
determining an output format based, at least in part, on a rule determining whether a clear compressed output format is allowed; and
processing the compressed encrypted digital content so that any output produced will conform with the determined output format;
wherein, when the rule does not allow the clear compressed output format, (a) the compressed encrypted digital content is received in a form in which the compressed encrypted digital content has been encrypted by at least a first encryption method and a second encryption method, and (b) the processing step comprises a combination of decrypting in accordance with the second encryption method and decompressing, the decrypting and decompressing combination being an atomic operation so that the decrypting and decompressing can be performed only together and cannot be performed separately.
49. The method according to claim 48 , wherein the processing step is performed in a hardware device.
50. The method according to claim 49 ,
wherein the hardware device is characterized by a device profile; and
wherein the determined output format is based, in part, on the device profile.
51. The method according to claim 49 , wherein the determining step is performed in the hardware device.
52. The method according to claim 49 , wherein a single integrated circuit comprises the hardware device.
53. The method according to claim 52 , wherein a smart card comprises the single integrated circuit.
54. The method according to claim 48 , further comprising:
rendering an output sensible to at least one human sense.
55. The method according to claim 54 , wherein the rendering comprises at least one of the following: audio rendering; visual rendering; and audio/visual rendering.
56. The method according to claim 48 , further comprising:
applying local scrambling to the content.
57. The method according to claim 48 , wherein the determined output format is based, in part, on a digital content owner/controller usage rule, the digital content owner/controller usage rule comprising a copy control state selected from a group consisting of: (a) Copy Freely; (b) Copy One Generation; and (c) Copy Never.
58. An apparatus for protecting digital content, the apparatus comprising:
a digital content receiver for receiving compressed encrypted digital content;
an output format determination unit for determining an output format based, at least in part, on a rule determining whether a clear compressed output format is allowed; and
a processor for processing the compressed encrypted digital content so that any output produced will conform with the determined output format;
wherein, when the rule does not allow the clear compressed output format, (a) the compressed encrypted digital content is received in a form, in which the compressed encrypted digital content has been encrypted by at least a first encryption method and a second encryption method, and (b) the processing comprises a combination of decrypting in accordance with the second encryption method and decompressing, the decrypting and decompressing combination being an atomic operation so that the decrypting and decompressing can be performed only together and cannot be performed separately.
59. The apparatus according to claim 58 , further comprising:
a hardware device;
wherein the hardware device comprises the processor.
60. The apparatus according to claim 59 ,
wherein the hardware device is characterized by a device profile, and
wherein the determined output format is based, in part, on the device profile.
61. The apparatus according to claim 59 , wherein the hardware device further comprises the output format determination unit.
62. The apparatus according to claim 59 , wherein a single integrated circuit comprises the hardware device.
63. The apparatus according to claim 62 , wherein a smart card comprises the single integrated circuit.
64. The apparatus according to claim 58 , further comprising: a rendering device for rendering an output sensible to at least one human sense.
65. The apparatus according to claim 64 , wherein the rendering device comprises at least one of the following: an audio rendering device; a visual rendering device; and an audio/visual rendering device.
66. The apparatus according to claim 58 , further comprising: a local scrambler for applying local scrambling to the content.
67. The apparatus according to claim 58 wherein the determined output format is based, in part, on a digital content owner/controller usage rule, the digital content owner/controller usage rule comprising a copy control state selected from a group consisting of: (a) Copy Freely; (b) Copy One Generation; and (c) Copy Never.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US12/930,304 US20110103582A1 (en) | 2003-04-13 | 2011-01-03 | System for securing access to data streams |
Applications Claiming Priority (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
IL155416 | 2003-04-13 | ||
IL15541603A IL155416A0 (en) | 2003-04-13 | 2003-04-13 | System for securing access to data streams |
PCT/IL2003/000969 WO2004091132A1 (en) | 2003-04-13 | 2003-11-16 | System for securing access to data streams |
US54791107A | 2007-05-24 | 2007-05-24 | |
US12/930,304 US20110103582A1 (en) | 2003-04-13 | 2011-01-03 | System for securing access to data streams |
Related Parent Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/IL2003/000969 Continuation WO2004091132A1 (en) | 2003-04-13 | 2003-11-16 | System for securing access to data streams |
US54791107A Continuation | 2003-04-13 | 2007-05-24 |
Publications (1)
Publication Number | Publication Date |
---|---|
US20110103582A1 true US20110103582A1 (en) | 2011-05-05 |
Family
ID=32697055
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/547,911 Active 2027-09-25 US8755523B2 (en) | 2003-04-13 | 2003-11-16 | System for securing access to data streams |
US12/930,304 Abandoned US20110103582A1 (en) | 2003-04-13 | 2011-01-03 | System for securing access to data streams |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/547,911 Active 2027-09-25 US8755523B2 (en) | 2003-04-13 | 2003-11-16 | System for securing access to data streams |
Country Status (5)
Country | Link |
---|---|
US (2) | US8755523B2 (en) |
EP (2) | EP1602193A4 (en) |
AU (1) | AU2003279516A1 (en) |
IL (1) | IL155416A0 (en) |
WO (1) | WO2004091132A1 (en) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20140016777A1 (en) * | 2012-07-12 | 2014-01-16 | Elwha Llc | Pre-Event Repository Associated with Individual Privacy and Public Safety Protection Via Double Encrypted Lock Box |
US9042546B2 (en) | 2012-10-16 | 2015-05-26 | Elwha Llc | Level-two encryption associated with individual privacy and public safety protection via double encrypted lock box |
US9521370B2 (en) | 2012-07-12 | 2016-12-13 | Elwha, Llc | Level-two decryption associated with individual privacy and public safety protection via double encrypted lock box |
US9596436B2 (en) | 2012-07-12 | 2017-03-14 | Elwha Llc | Level-one encryption associated with individual privacy and public safety protection via double encrypted lock box |
US9825760B2 (en) | 2012-07-12 | 2017-11-21 | Elwha, Llc | Level-two decryption associated with individual privacy and public safety protection via double encrypted lock box |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2013141795A1 (en) | 2012-03-19 | 2013-09-26 | Ab Durgo | A valve arrangement |
CN106101754A (en) * | 2016-06-21 | 2016-11-09 | 深圳创维数字技术有限公司 | A kind of method and device protecting data transmission stream |
Citations (45)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5742680A (en) * | 1995-11-13 | 1998-04-21 | E Star, Inc. | Set top box for receiving and decryption and descrambling a plurality of satellite television signals |
US5774548A (en) * | 1995-09-05 | 1998-06-30 | Hitachi, Ltd. | Digital broadcast transmitting and receiving system and transmitting and receiving apparatus thereof |
US5818934A (en) * | 1996-12-18 | 1998-10-06 | Phillips Electronics North America Corporation | Method and apparatus for providing a cryptographically secure interface between the decryption engine and the system decoder of a digital television receiver |
US5878135A (en) * | 1996-11-27 | 1999-03-02 | Thomson Consumer Electronics, Inc. | Decoding system for processing encrypted broadcast, cable or satellite video data |
US5933500A (en) * | 1996-05-31 | 1999-08-03 | Thomson Consumer Electronics, Inc. | Adaptive decoding system for processing encrypted and non-encrypted broadcast, cable or satellite video data |
US5964842A (en) * | 1997-01-31 | 1999-10-12 | Network Computing Devices, Inc. | Method and apparatus for scaling data compression based on system capacity |
US6016348A (en) * | 1996-11-27 | 2000-01-18 | Thomson Consumer Electronics, Inc. | Decoding system and data format for processing and storing encrypted broadcast, cable or satellite video data |
US6038321A (en) * | 1996-08-08 | 2000-03-14 | Laurel Intelligent Systems Co., Ltd. | Data transfer method, communication system and storage medium |
US6044157A (en) * | 1996-03-08 | 2000-03-28 | Matsushita Electric Industrial Co., Ltd. | Microprocessor suitable for reproducing AV data while protecting the AV data from illegal copy and image information processing system using the microprocessor |
US6122379A (en) * | 1996-05-30 | 2000-09-19 | Deloitte & Touche Inc. | Method and apparatus for performing simultaneous data compression and encryption |
US6222924B1 (en) * | 1996-01-30 | 2001-04-24 | Oy Nokia Ab | Scrambling of digital media objects in connection with transmission and storage |
US6266480B1 (en) * | 1996-09-18 | 2001-07-24 | Sony Corporation | Apparatus and method for effectively inhibiting unauthorized copying of picture signals which does not interfere with an authorized display thereof |
US6286103B1 (en) * | 1998-10-02 | 2001-09-04 | Canal+Societe Anonyme | Method and apparatus for encrypted data stream transmission |
US20010025340A1 (en) * | 1997-06-19 | 2001-09-27 | Marchant Brian E. | Security apparatus for data transmission with dynamic random encryption |
US20010033739A1 (en) * | 1995-09-29 | 2001-10-25 | Sony Corporation | Apparatus and method for TV broadcast copy protection |
US20020006204A1 (en) * | 2001-06-27 | 2002-01-17 | Paul England | Protecting decrypted compressed content and decrypted decompressed content at a digital rights management client |
US20020019939A1 (en) * | 1999-12-20 | 2002-02-14 | Hiroyasu Yamamoto | Encryption display card |
US6349138B1 (en) * | 1996-06-14 | 2002-02-19 | Lucent Technologies Inc. | Method and apparatus for digital transmission incorporating scrambling and forward error correction while preventing bit error spreading associated with descrambling |
US20020034264A1 (en) * | 2000-05-25 | 2002-03-21 | Vigil Armando J. | Method for demodulating a digital signal subjected to multipath propagation impairment and an associated receiver |
US20020037081A1 (en) * | 2000-04-28 | 2002-03-28 | David Rogoff | Cryptographic key distribution system and method for digital video systems |
US20020044656A1 (en) * | 1999-10-13 | 2002-04-18 | Brant L. Candelore | Interfacing a conditional access circuit to a digital device using input and output stream switching |
US20020044658A1 (en) * | 1995-04-03 | 2002-04-18 | Wasilewski Anthony J. | Conditional access system |
US20020056081A1 (en) * | 1999-12-02 | 2002-05-09 | Qualcomm Incorporated | Apparatus and method for decoding digital image and audio signals |
US6408076B1 (en) * | 1997-03-06 | 2002-06-18 | Lsi Logic Corporation | Digital video broadcasting |
US6411712B1 (en) * | 1997-10-27 | 2002-06-25 | Kabushiki Kaisha Toshiba | Digital broadcast receiver |
US6438693B1 (en) * | 1997-09-30 | 2002-08-20 | Sony Corporation | Modular broadcast receiver system and memo |
US6467093B1 (en) * | 1998-02-04 | 2002-10-15 | Sony Corporation | Method and apparatus for receiving digital broadcasts |
US20020150248A1 (en) * | 2001-03-06 | 2002-10-17 | Kovacevic Branko D. | System for digital stream reception via memory buffer and method thereof |
US20020196939A1 (en) * | 2001-06-06 | 2002-12-26 | Unger Robert Allan | Decoding and decryption of partially encrypted information |
US20020199206A1 (en) * | 2001-03-13 | 2002-12-26 | Helmut Schmitz | Apparatus and method for transmitting audio and/or video data |
US20030005449A1 (en) * | 2001-06-29 | 2003-01-02 | Mckenna Lee R. | System and method for content delivery to lodging entertainment systems |
US20030018917A1 (en) * | 2001-07-23 | 2003-01-23 | Brown Matthew W. | Method and apparatus for delivering digital media using packetized encryption data |
US20030026424A1 (en) * | 2000-07-07 | 2003-02-06 | Thales Broadcast & Multimedia, Inc. | System, method and computer program product for delivery and utilization of content over a communications medium |
US20030035540A1 (en) * | 2001-08-17 | 2003-02-20 | Martin Freeman | System and method for hybrid conditional access for receivers of encrypted transmissions |
US20030035543A1 (en) * | 2001-08-15 | 2003-02-20 | Gillon William M. | System and method for conditional access key encryption |
US20030158813A1 (en) * | 2002-02-15 | 2003-08-21 | Paul Vidich | Method and apparatus for distributing multimedia programs |
US20040076299A1 (en) * | 2002-10-18 | 2004-04-22 | Chung-E Wang | Cryptography in data compression |
US6981141B1 (en) * | 1998-05-07 | 2005-12-27 | Maz Technologies, Inc | Transparent encryption and decryption with algorithm independent cryptographic engine that allows for containerization of encrypted files |
US7069590B1 (en) * | 2000-02-17 | 2006-06-27 | Microsoft Corporation | System and method for protecting data streams in hardware components |
US7099472B2 (en) * | 2000-07-20 | 2006-08-29 | The Directv Group, Inc. | Method and apparatus for securing digital video recording |
US7295750B2 (en) * | 2004-12-30 | 2007-11-13 | Finisar Corporation | Access key enabled update of an optical transceiver |
US7334124B2 (en) * | 2002-07-22 | 2008-02-19 | Vormetric, Inc. | Logical access block processing protocol for transparent secure file storage |
US7336788B1 (en) * | 1992-12-09 | 2008-02-26 | Discovery Communicatoins Inc. | Electronic book secure communication with home subsystem |
US7536549B2 (en) * | 2000-08-10 | 2009-05-19 | Toshikazu Ishizaki | Methods for generating a partially encrypted and compressed database and decrypting and decompressing the database |
US7827293B2 (en) * | 2000-03-01 | 2010-11-02 | Printeron Inc. | Secure network resource access system |
Family Cites Families (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0975165B1 (en) * | 1994-07-08 | 2003-05-02 | Sony Corporation | Receiving controlled-access broadcast signals |
EP0912052A1 (en) | 1997-09-25 | 1999-04-28 | CANAL+ Société Anonyme | Method and apparatus for recording of encrypted digital data |
DE69825611T2 (en) * | 1997-10-02 | 2005-06-30 | Canal + Technologies | Method and apparatus for use in scrambled or scrambled transmission such as scrambled television broadcasting |
JP4763866B2 (en) * | 1998-10-15 | 2011-08-31 | インターシア ソフトウェア エルエルシー | Method and apparatus for protecting digital data by double re-encryption |
AU2001249509A1 (en) * | 2000-03-29 | 2001-10-08 | Sony Electronics Inc. | Transceiver system and method |
US20040205812A1 (en) | 2000-06-22 | 2004-10-14 | Candelore Brant L. | Method and apparatus for routing program data in a program viewing unit |
US7295751B2 (en) * | 2000-10-16 | 2007-11-13 | Elbex Video Ltd. | Method and apparatus for continuous feed of disks for recording digital video signals and authenticating the digitally recorded disks |
-
2003
- 2003-04-13 IL IL15541603A patent/IL155416A0/en unknown
- 2003-11-16 AU AU2003279516A patent/AU2003279516A1/en not_active Abandoned
- 2003-11-16 EP EP03772623A patent/EP1602193A4/en not_active Withdrawn
- 2003-11-16 US US10/547,911 patent/US8755523B2/en active Active
- 2003-11-16 EP EP12161304A patent/EP2472897A1/en not_active Withdrawn
- 2003-11-16 WO PCT/IL2003/000969 patent/WO2004091132A1/en active Application Filing
-
2011
- 2011-01-03 US US12/930,304 patent/US20110103582A1/en not_active Abandoned
Patent Citations (51)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7336788B1 (en) * | 1992-12-09 | 2008-02-26 | Discovery Communicatoins Inc. | Electronic book secure communication with home subsystem |
US20020044658A1 (en) * | 1995-04-03 | 2002-04-18 | Wasilewski Anthony J. | Conditional access system |
US5774548A (en) * | 1995-09-05 | 1998-06-30 | Hitachi, Ltd. | Digital broadcast transmitting and receiving system and transmitting and receiving apparatus thereof |
US20010033739A1 (en) * | 1995-09-29 | 2001-10-25 | Sony Corporation | Apparatus and method for TV broadcast copy protection |
US5742680A (en) * | 1995-11-13 | 1998-04-21 | E Star, Inc. | Set top box for receiving and decryption and descrambling a plurality of satellite television signals |
US6222924B1 (en) * | 1996-01-30 | 2001-04-24 | Oy Nokia Ab | Scrambling of digital media objects in connection with transmission and storage |
US6044157A (en) * | 1996-03-08 | 2000-03-28 | Matsushita Electric Industrial Co., Ltd. | Microprocessor suitable for reproducing AV data while protecting the AV data from illegal copy and image information processing system using the microprocessor |
US6122379A (en) * | 1996-05-30 | 2000-09-19 | Deloitte & Touche Inc. | Method and apparatus for performing simultaneous data compression and encryption |
US5933500A (en) * | 1996-05-31 | 1999-08-03 | Thomson Consumer Electronics, Inc. | Adaptive decoding system for processing encrypted and non-encrypted broadcast, cable or satellite video data |
US6349138B1 (en) * | 1996-06-14 | 2002-02-19 | Lucent Technologies Inc. | Method and apparatus for digital transmission incorporating scrambling and forward error correction while preventing bit error spreading associated with descrambling |
US6038321A (en) * | 1996-08-08 | 2000-03-14 | Laurel Intelligent Systems Co., Ltd. | Data transfer method, communication system and storage medium |
US6266480B1 (en) * | 1996-09-18 | 2001-07-24 | Sony Corporation | Apparatus and method for effectively inhibiting unauthorized copying of picture signals which does not interfere with an authorized display thereof |
US6016348A (en) * | 1996-11-27 | 2000-01-18 | Thomson Consumer Electronics, Inc. | Decoding system and data format for processing and storing encrypted broadcast, cable or satellite video data |
US5878135A (en) * | 1996-11-27 | 1999-03-02 | Thomson Consumer Electronics, Inc. | Decoding system for processing encrypted broadcast, cable or satellite video data |
US5818934A (en) * | 1996-12-18 | 1998-10-06 | Phillips Electronics North America Corporation | Method and apparatus for providing a cryptographically secure interface between the decryption engine and the system decoder of a digital television receiver |
US5964842A (en) * | 1997-01-31 | 1999-10-12 | Network Computing Devices, Inc. | Method and apparatus for scaling data compression based on system capacity |
US6408076B1 (en) * | 1997-03-06 | 2002-06-18 | Lsi Logic Corporation | Digital video broadcasting |
US20010025340A1 (en) * | 1997-06-19 | 2001-09-27 | Marchant Brian E. | Security apparatus for data transmission with dynamic random encryption |
US6438693B1 (en) * | 1997-09-30 | 2002-08-20 | Sony Corporation | Modular broadcast receiver system and memo |
US20020162105A1 (en) * | 1997-09-30 | 2002-10-31 | Sony Corporation | Modular broadcast receiver system & method |
US6411712B1 (en) * | 1997-10-27 | 2002-06-25 | Kabushiki Kaisha Toshiba | Digital broadcast receiver |
US6467093B1 (en) * | 1998-02-04 | 2002-10-15 | Sony Corporation | Method and apparatus for receiving digital broadcasts |
US20030037343A1 (en) * | 1998-02-04 | 2003-02-20 | Sony Corporation | Method and apparatus for receiving digital broadcasts |
US6981141B1 (en) * | 1998-05-07 | 2005-12-27 | Maz Technologies, Inc | Transparent encryption and decryption with algorithm independent cryptographic engine that allows for containerization of encrypted files |
US6286103B1 (en) * | 1998-10-02 | 2001-09-04 | Canal+Societe Anonyme | Method and apparatus for encrypted data stream transmission |
US20020044656A1 (en) * | 1999-10-13 | 2002-04-18 | Brant L. Candelore | Interfacing a conditional access circuit to a digital device using input and output stream switching |
US20020056081A1 (en) * | 1999-12-02 | 2002-05-09 | Qualcomm Incorporated | Apparatus and method for decoding digital image and audio signals |
US20020019939A1 (en) * | 1999-12-20 | 2002-02-14 | Hiroyasu Yamamoto | Encryption display card |
US7069590B1 (en) * | 2000-02-17 | 2006-06-27 | Microsoft Corporation | System and method for protecting data streams in hardware components |
US7827293B2 (en) * | 2000-03-01 | 2010-11-02 | Printeron Inc. | Secure network resource access system |
US20020037081A1 (en) * | 2000-04-28 | 2002-03-28 | David Rogoff | Cryptographic key distribution system and method for digital video systems |
US20020034264A1 (en) * | 2000-05-25 | 2002-03-21 | Vigil Armando J. | Method for demodulating a digital signal subjected to multipath propagation impairment and an associated receiver |
US20030026424A1 (en) * | 2000-07-07 | 2003-02-06 | Thales Broadcast & Multimedia, Inc. | System, method and computer program product for delivery and utilization of content over a communications medium |
US7099472B2 (en) * | 2000-07-20 | 2006-08-29 | The Directv Group, Inc. | Method and apparatus for securing digital video recording |
US7536549B2 (en) * | 2000-08-10 | 2009-05-19 | Toshikazu Ishizaki | Methods for generating a partially encrypted and compressed database and decrypting and decompressing the database |
US20020150248A1 (en) * | 2001-03-06 | 2002-10-17 | Kovacevic Branko D. | System for digital stream reception via memory buffer and method thereof |
US20020199206A1 (en) * | 2001-03-13 | 2002-12-26 | Helmut Schmitz | Apparatus and method for transmitting audio and/or video data |
US20030046686A1 (en) * | 2001-06-06 | 2003-03-06 | Candelore Brant L. | Time division partial encryption |
US20030021412A1 (en) * | 2001-06-06 | 2003-01-30 | Candelore Brant L. | Partial encryption and PID mapping |
US20020196939A1 (en) * | 2001-06-06 | 2002-12-26 | Unger Robert Allan | Decoding and decryption of partially encrypted information |
US20030026423A1 (en) * | 2001-06-06 | 2003-02-06 | Unger Robert Allan | Critical packet partial encryption |
US20020006204A1 (en) * | 2001-06-27 | 2002-01-17 | Paul England | Protecting decrypted compressed content and decrypted decompressed content at a digital rights management client |
US7239708B2 (en) * | 2001-06-27 | 2007-07-03 | Microsoft Corporation | Protecting decrypted compressed content and decrypted decompressed content at a digital rights management client |
US20030005449A1 (en) * | 2001-06-29 | 2003-01-02 | Mckenna Lee R. | System and method for content delivery to lodging entertainment systems |
US20030018917A1 (en) * | 2001-07-23 | 2003-01-23 | Brown Matthew W. | Method and apparatus for delivering digital media using packetized encryption data |
US20030035543A1 (en) * | 2001-08-15 | 2003-02-20 | Gillon William M. | System and method for conditional access key encryption |
US20030035540A1 (en) * | 2001-08-17 | 2003-02-20 | Martin Freeman | System and method for hybrid conditional access for receivers of encrypted transmissions |
US20030158813A1 (en) * | 2002-02-15 | 2003-08-21 | Paul Vidich | Method and apparatus for distributing multimedia programs |
US7334124B2 (en) * | 2002-07-22 | 2008-02-19 | Vormetric, Inc. | Logical access block processing protocol for transparent secure file storage |
US20040076299A1 (en) * | 2002-10-18 | 2004-04-22 | Chung-E Wang | Cryptography in data compression |
US7295750B2 (en) * | 2004-12-30 | 2007-11-13 | Finisar Corporation | Access key enabled update of an optical transceiver |
Cited By (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20140016777A1 (en) * | 2012-07-12 | 2014-01-16 | Elwha Llc | Pre-Event Repository Associated with Individual Privacy and Public Safety Protection Via Double Encrypted Lock Box |
US9521370B2 (en) | 2012-07-12 | 2016-12-13 | Elwha, Llc | Level-two decryption associated with individual privacy and public safety protection via double encrypted lock box |
US9596436B2 (en) | 2012-07-12 | 2017-03-14 | Elwha Llc | Level-one encryption associated with individual privacy and public safety protection via double encrypted lock box |
US9667917B2 (en) | 2012-07-12 | 2017-05-30 | Elwha, Llc | Level-one encryption associated with individual privacy and public safety protection via double encrypted lock box |
US9781389B2 (en) | 2012-07-12 | 2017-10-03 | Elwha Llc | Pre-event repository associated with individual privacy and public safety protection via double encrypted lock box |
US9825760B2 (en) | 2012-07-12 | 2017-11-21 | Elwha, Llc | Level-two decryption associated with individual privacy and public safety protection via double encrypted lock box |
US10277867B2 (en) * | 2012-07-12 | 2019-04-30 | Elwha Llc | Pre-event repository associated with individual privacy and public safety protection via double encrypted lock box |
US10348494B2 (en) | 2012-07-12 | 2019-07-09 | Elwha Llc | Level-two decryption associated with individual privacy and public safety protection via double encrypted lock box |
US9042546B2 (en) | 2012-10-16 | 2015-05-26 | Elwha Llc | Level-two encryption associated with individual privacy and public safety protection via double encrypted lock box |
Also Published As
Publication number | Publication date |
---|---|
US20070297603A1 (en) | 2007-12-27 |
EP1602193A1 (en) | 2005-12-07 |
EP1602193A4 (en) | 2009-11-04 |
AU2003279516A1 (en) | 2004-11-01 |
US8755523B2 (en) | 2014-06-17 |
WO2004091132A1 (en) | 2004-10-21 |
EP2472897A1 (en) | 2012-07-04 |
IL155416A0 (en) | 2003-11-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20220021930A1 (en) | Reduced Hierarchy Key Management System and Method | |
US8291236B2 (en) | Methods and apparatuses for secondary conditional access server | |
KR101081160B1 (en) | Method and apparatus for protecting the transfer of data | |
KR100735761B1 (en) | Method and apparatus for securing control words | |
US8036382B2 (en) | Conditional access system and method for prevention of replay attacks | |
US7634171B2 (en) | PC-based personal video recorder | |
US7773752B2 (en) | Circuits, apparatus, methods and computer program products for providing conditional access and copy protection schemes for digital broadcast data | |
US20050169473A1 (en) | Multiple selective encryption with DRM | |
US20070294170A1 (en) | Systems and methods for conditional access and digital rights management | |
US20110103582A1 (en) | System for securing access to data streams | |
US8631430B2 (en) | Enabling DRM-encrypted broadcast content through gateway into the home |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |
|
AS | Assignment |
Owner name: NDS LIMITED, UNITED KINGDOM Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:BEAUMARIS NETWORKS LLC;CISCO SYSTEMS INTERNATIONAL S.A.R.L.;CISCO TECHNOLOGY, INC.;AND OTHERS;REEL/FRAME:047420/0600 Effective date: 20181028 |