Recherche Images Maps Play YouTube Actualités Gmail Drive Plus »
Connexion
Les utilisateurs de lecteurs d'écran peuvent cliquer sur ce lien pour activer le mode d'accessibilité. Celui-ci propose les mêmes fonctionnalités principales, mais il est optimisé pour votre lecteur d'écran.

Brevets

  1. Recherche avancée dans les brevets
Numéro de publicationUSRE41919 E1
Type de publicationOctroi
Numéro de demandeUS 12/425,314
Date de publication9 nov. 2010
Date de priorité25 juin 2003
État de paiement des fraisPayé
Autre référence de publicationUS7206411, US20040268117
Numéro de publication12425314, 425314, US RE41919 E1, US RE41919E1, US-E1-RE41919, USRE41919 E1, USRE41919E1
InventeursSteve Olivier, Gary L. Pelkey, David M. Placek, Kevin Kennedy
Cessionnaire d'origineSteve Olivier, Pelkey Gary L, Placek David M, Kevin Kennedy
Exporter la citationBiBTeX, EndNote, RefMan
Liens externes: USPTO, Cession USPTO, Espacenet
Rapid decryption of data by key synchronization and indexing
US RE41919 E1
Résumé
A satellite broadcast conditional access system with key synchronization uses indexing of an authorization stream to quickly restart the decrypting process after short carrier fades and after carrier switches. The authorization stream includes cyphered seeds and index numbers which are sequentially sent to a group of receivers. The same authorization stream can also be broadcast multiple times to the group of receivers. A conditional access server selects a starting index number and increments the index number by a predefined value. The receivers have a memory to save the current index number for the authorization stream. Any receiver that loses its connection to the broadcast and thereafter reestablishes its connection can retrieve the latest index number being issued in the authorization stream and compare it with the stored index number. When the index numbers match or are within a defined threshold, the receiver will continue to decypher the seeds and decrypt the transport stream.
Images(8)
Previous page
Next page
Revendications(65)
1. A method of encrypting data for rapid decryption, the method comprising the steps of:
sequentially generating a plurality of random numbers;
sequentially generating a plurality of index numbers respectively associated with said random numbers, wherein a first index number is initially generated and said index numbers increment by a predefined value;
calculating a plurality of cyphered seeds according to a combination of each one of said random numbers and each one of said respectively associated index numbers;
sending said plurality of cyphered seeds and said corresponding index numbers from a server to at least one receiver; and
resending each one of said plurality of cyphered seeds and said corresponding index numbers from said server to said receiver, wherein a cyphered seed and index number pair is resent before sending a subsequent cyphered seed and index number pair.
2. The method according to claim 1, wherein said generating of said index numbers is further comprised of the step of randomly generating said first index number.
3. The method according to claim 1, wherein said sending and resending steps further comprise the steps of sending a first flavored cyphered seed and index number pair and resending said first flavored cyphered seed and index number pair.
4. The method according to claim 3, wherein said sending and resending steps further comprise the steps of: sending a second flavored cyphered seed and index number pair; resending said second flavored cyphered seed and index number pair; and repeating said sending and resending steps for a plurality of first flavored cyphered seed and index number pairs and for a plurality of second flavored cyphered seed and index number pairs.
5. The method according to claim 1, further comprising the steps of: decyphering said cyphered seed and index number pair; storing said decyphered seed and index number pair in a memory; repeating said decyphering and storing steps for a plurality of subsequent cyphered seed and index number pairs until an occurrence of a reset; after said reset, decyphering a most recently received index number and comparing said most recently received index number with said stored index number; and continuing with said decyphering and storing steps if said most recently received index number is within a defined tolerance of said stored index number.
6. The method according to claim 5, further comprising the steps of: when a cyphered seed of a particular flavor is received, decyphered, and loaded to said receiver, setting a flavor seed flag to designate said flavor; and when said receiver detects that a flavor in incoming encrypted transport streams changes to a new flavor, examining whether said flavor seed flag is set to correspond said new flavor for checking if said decyphered seed is valid to decrypt said incoming encrypted transport streams.
7. The method according to claim 5, further comprising the step of defining said tolerance of said stored index number to one.
8. The method according to claim 5, further comprising the steps of: sending a group of cyphered seed and corresponding index number pairs from said server to a respective group of receivers during a flavor distribution period; resending said group of cyphered seed and corresponding index number pairs to said respective group of receivers during said flavor distribution period; and repeating said sending and resending steps for a plurality of subsequent groups of cyphered seed and corresponding index number pairs to said respective group of receivers.
9. The method according to claim 8, wherein said repeating step further comprises the step of switching between a first flavor and a second flavor.
10. The method according to claim 8, further comprising the step of sending an authorization stream from said server to said group of receivers during said flavor distribution period, said authorization stream comprising said group of cyphered seed and corresponding index number pairs, a plurality of serial numbers corresponding to said respective group of receivers, a flavor indicator, and an encryption on/off message.
11. The method according to claim 10, further comprising the step of indicating to said group of receivers whether corresponding transport streams are encrypted according to said encryption on/off message.
12. The method according to claim 10, further comprising the step of generating a plurality of secret serial numbers according to a combination of a secret identification number and a serial number associated with each of said receivers.
13. The method according to claim 12, further comprising the step of allowing a customer controlling said group of receivers to generate said secret identification number unique to said customer.
14. The method according to claim 12 wherein said step for calculating a plurality of cyphered seeds is further comprised of the step of combining each one of said random numbers and said respectively associated index numbers with each one of said secret serial numbers.
15. A method of encrypting data for rapid decryption, the method comprising the steps of: sequentially generating a plurality of random numbers; sequentially generating a plurality of index numbers respectively associated with said random numbers, wherein a first index number is initially generated and said index numbers increment by a predefined value; calculating a plurality of cyphered seeds according to a combination of each one of said random numbers, each one of said respectively associated index numbers, and a plurality of serial numbers respectively associated with a group of receivers; sending a group of cyphered seed and corresponding index number pairs from a server to said group of receivers during a flavor distribution period; resending said group of cyphered seed and corresponding index number pairs to said group of receivers during said flavor distribution period; repeating said sending and resending steps for a plurality of subsequent groups of cyphered seed and corresponding index number pairs to said group of receivers, extracting a cyphered seed using its serial number from said cyphered seed and index number pairs in each one of said receivers; decyphering said cyphered seed and index number pairs in each one of said receivers; storing said decyphered seed and index number pair in a memory of each one of said receivers; repeating said decyphering and storing steps for a plurality of subsequent cyphered seed and index number pairs until an occurrence of a reset; after said reset, decyphering a most recently received index number and comparing said most recently received index number with said stored index number; and continuing with said decyphering and storing steps if said most recently received index number is within a defined tolerance of said stored index number.
16. The method according to claim 15, wherein said generating of said index numbers is further comprised of the step of randomly generating said first index number.
17. The method according to claim 15, further comprising the step of sending an authorization stream from said server to said group of receivers during said flavor distribution period, said authorization stream comprising said group of cyphered seed and corresponding index number pairs, said plurality of serial numbers corresponding to said respective group of receivers, a flavor indicator, and an encryption on/off message.
18. The method according to claim 15, further comprising the step of generating a plurality of secret serial numbers according to a combination of a secret identification number and a serial number associated with each of said receivers.
19. The method according to claim 18, further comprising the step of allowing a customer controlling said group of receivers to generate said secret identification number unique to said customer.
20. The method according to claim 18, wherein said secret serial numbers are used as said serial numbers in calculating said cyphered seeds.
21. The method according to claim 15, further comprising the steps of: receiving, decyphering, and loading at least one of said cyphered seeds of an indicated flavor in each one of said receivers; respectively setting a flavor seed flag in each one of said receivers to designate said indicated flavor; detecting a flavor change associated with a new flavor in incoming encrypted transport streams in each one of said receivers; determining whether said flavor seed flag is set to correspond with said new flavor and whether said decyphered seed is valid in each one of said receivers; and decrypting said incoming encrypted transport streams in each one of said receivers when said decyphered seed is valid.
22. The method according to claim 15, further comprising the step of defining said tolerance of said stored index number to one.
23. A system for encrypting and decrypting data, comprising: means for sequentially generating a plurality of random numbers and a plurality of index numbers respectively associated with said random numbers, wherein a first index number is initially generated and said index numbers increment by a predefined value; means for calculating a plurality of cyphered seeds according to a combination of each one of said random numbers, each one of said respectively associated index numbers, and a plurality of serial numbers respectively associated with a group of receivers; means for sending a group of cyphered seed and corresponding index number pairs from a server to said group of receivers during a flavor distribution period, and resending said group of cyphered seed and corresponding index number pairs to said group of receivers during said flavor distribution period; means for extracting a cyphered seed and corresponding index number from said cyphered seed and index number pairs, wherein at least one of said serial numbers is used to extract said cyphered seed; a decrypter in operative communication with said extracting means receives said extracted cyphered seed and said index number and decyphers said cyphered seed into a decyphered seed; a memory device in operative communication with said decrypter receives and stores said decyphered seed and index number; means for setting a reset command and thereafter comparing a new index number with said stored index number according to a defined tolerance.
24. The system according to claim 23, wherein said first index number is further comprised of a randomly generated number.
25. The system according to claim 23, wherein said means for generating said random numbers and said index numbers is comprised of a server with a computer processor.
26. The system according to claim 23, wherein said means for calculating said cyphered seeds is comprised of an encryption function in said server.
27. The system according to claim 23, wherein said means for sending and resending said cyphered seed and index number pairs from said server to said receivers is comprised of a multiplexer controlled by said server.
28. The system according to claim 23, wherein said means for extracting said cyphered seed, setting said reset command, and returning to said steady state operation is comprised of a host microprocessor in at least one of said receivers.
29. The system according to claim 23, wherein said defined tolerance of said stored index number is one.
30. The system according to claim 23, wherein said plurality of serial numbers are further comprised of a combination of a secret identification number, and wherein said secret identification number is unique to a customer controlling said group of receivers.
31. A server for encrypting data, comprising: means for sequentially generating a plurality of random numbers and a plurality of index numbers respectively associated with said random numbers, wherein a first index number is initially generated and said index numbers increment by a predefined value; means for calculating a plurality of cyphered seeds according to a combination of each one of said random numbers and each one of said respectively associated index numbers; and means for sending a group of cyphered seed and corresponding index number pairs from a server to a respective group of receivers during a flavor distribution period, and resending said group of cyphered seed and corresponding index number pairs to said respective group of receivers during said flavor distribution period.
32. The system according to claim 31, wherein said first index number is further comprised of a randomly generated number.
33. The system according to claim 31, wherein said cyphered seeds are further comprised according to a combination of said random numbers and said index numbers with a plurality of serial numbers respectively associated with said group of receivers.
34. The system according to claim 33, wherein said plurality of serial numbers are further comprised of a combination of a secret identification number, and wherein said secret identification number is unique to a customer controlling said group of receivers.
35. An integrated receiver decoder for decrypting data, comprising: means for extracting a cyphered seed and a corresponding index number from a group of cyphered seed and index number pairs; wherein a plurality of serial numbers are used to generate a plurality of cyphered seeds and wherein at least one of said serial numbers is used to extract said cyphered seed; a decrypter in operative communication with said extracting means receives said extracted cyphered seed and said corresponding index number and decyphers said cyphered seed into a decyphered seed; a memory device in operative communication with said decrypter receives and stores said decyphered seed and index number; and means for setting a reset command and thereafter comparing a new index number with said stored index number according to a defined tolerance.
36. The system according to claim 35, wherein said defined tolerance of said stored index number is one.
37. A computer-implemented method, comprising:
sending, by an access server, one or more ciphered seeds and one or more index numbers associated with the one or more ciphered seeds to at least one content receiver; and
resending, by the access server, the one or more ciphered seeds and the one or more index numbers, wherein a ciphered seed and index number pair are sent before sending subsequent ciphered seed and index number pairs.
38. The computer-implemented method as recited in claim 37 , further comprising determining one or more ciphered seeds by:
sequentially generating a plurality of random numbers;
sequentially generating a plurality of index numbers associated with the random numbers; and
combining each random number with each index number associated with the random number.
39. The computer-implemented method as recited in claim 38 , wherein a first index number is generated randomly and subsequent index numbers are generated by incrementing the first index number by a value.
40. The computer-implemented method as recited in claim 37 , wherein the one or more ciphered seeds and the one or more index numbers are sent and resent during a first flavor distribution period.
41. The computer-implemented method as recited in claim 40 , further comprising:
sending, by the access server, a ciphered seed and an index number pair during a second flavor distribution period; and
resending, by the access server, the ciphered seed and the index number pair during the second flavor distribution period.
42. The computer-implemented method as recited in claim 37 , further comprising sending, by the access server, an authorization stream, the authorization stream comprising the one or more ciphered seeds, the one or more index numbers, one or more numbers associated with one or more content receivers, a flavor indicator, and an encryption message.
43. The computer-implemented method as recited in claim 42 , wherein the one or more numbers associated with one or more content receivers are configured to enable decryption of the one or more ciphered seeds.
44. The computer-implemented method as recited in claim 42 , wherein the flavor indicator is configured to indicate an odd/even flavor of the one or more ciphered seeds.
45. The computer-implemented method as recited in claim 42 , wherein the encryption message is configured to indicate whether a transport stream is encrypted.
46. A system for encrypting data, comprising:
an access server configured to generate one or more ciphered seeds; and
a cryptographic multiplexer configured to:
send the one or more ciphered seeds and one or more index numbers to one or more content receivers during a flavor distribution period; and
resend the one or more ciphered seeds and the one or more index numbers to the one or more content receivers during the flavor distribution period.
47. The system as recited in claim 46, wherein the cryptographic multiplexer is further configured to:
send a ciphered seed and an index number pair during a second flavor distribution period; and
resend the ciphered seed and the index number pair during the second flavor distribution period.
48. A computer-implemented method, comprising:
receiving, by a content receiver, an encrypted data stream;
extracting, by the content receiver, a ciphered seed and index number pair from the encrypted data stream using a number associated with the content receiver;
deciphering, by the content receiver, the ciphered seed to create a deciphered seed;
storing, by the content receiver, the deciphered seed and index number in memory;
detecting, by the content receiver, a reset, and responsive to the reset:
comparing a received index number with the stored index number; and
deciphering and storing additional ciphered seeds responsive to the received index number corresponding to the stored index number.
49. The computer-implemented method, as recited in claim 48 , wherein the received index number corresponds to the stored index number when the received index number is within a defined tolerance of the stored index number.
50. The computer-implemented method, as recited in claim 49 , wherein the defined tolerance is one.
51. The computer-implemented method, as recited in claim 48 , further comprising deciphering and storing, by the content receiver, additional ciphered seed and index number pairs until a reset is detected.
52. The computer-implemented method, as recited in claim 48 , further comprising:
deciphering, by the content receiver, a ciphered seed corresponding to a first flavor;
detecting, by the content receiver, a second flavor;
determining, by the content receiver, whether the deciphered seed is valid by comparing the second flavor with the first flavor; and
decrypting, by the content receiver, the encrypted data stream responsive to the deciphered seed being valid.
53. The computer-implemented method, as recited in claim 52 , further comprising blocking, by the content receiver, the encrypted data stream responsive to the deciphered seed being invalid.
54. A system for decrypting data, comprising:
a demultiplexer configured to extract a ciphered seed from an encrypted data stream using a number associated with a content receiver;
a decrypter configured to decipher the extracted ciphered seed;
a processor configured to:
detect a reset; and
validate the deciphered seed responsive to the reset; and
a descrambler configured to decrypt the encrypted data stream using the deciphered seed responsive to the deciphered seed being valid.
55. The system, as recited in claim 54, wherein the processor is configured to validate the deciphered seed by comparing an index number associated with the deciphered seed with a stored index number.
56. The system, as recited in claim 55, wherein the processor is configured to validate the deciphered seed by comparing the index number associated with the deciphered seed with the stored index number according to a defined tolerance.
57. The system, as recited in claim 54, wherein the processor detects a reset responsive to not receiving an encrypted data stream.
58. The system, as recited in claim 54, wherein the processor detects a reset responsive to a change in an odd/even flavor associated with the encrypted data stream.
59. The system, as recited in claim 54, wherein the descrambler is further configured to block an encrypted data stream responsive to the deciphered seed being invalid.
60. A computer-implemented method, comprising:
detecting, by a content receiver, a loss of an encrypted data stream;
determining, by the content receiver, an index number and odd/even flavor associated with a restored encrypted data stream;
determining, by the content receiver, whether the index number corresponds to a stored index number; and
decrypting, by the content receiver, the restored encrypted data stream using an encryption seed corresponding to the stored index number if the index number corresponds to the stored index number.
61. The computer-implemented method as recited in claim 60 , wherein an index number (i) corresponds to a stored index number (i 0) when the index number (i) is equal to i 0 or i 0 1.
62. The computer-implemented method as recited in claim 60 , further comprising resetting, by the content receiver, a descrambler configured to descramble the encrypted data stream.
63. The computer-implemented method as recited in claim 60 , further comprising blocking, by the content receiver, one or more encrypted data packets associated with the restored encrypted data stream.
64. The computer-implemented method as recited in claim 60 , further comprising deciphering, by the content receiver, at least one authorization stream to acquire an encryption seed.
65. The computer-implemented method as recited in claim 60 , further comprising waiting, by the content receiver, to receive an addressed ciphered seed responsive to the index number not corresponding to the stored index number.
Description
CROSS-REFERENCE TO RELATED APPLICATIONS

This application claims the benefit of U.S. Provisional Application Ser. No. 60/482,235 filed Jun. 25, 2003.

STATEMENT REGARDING FEDERALLY SPONSORED RESEARCH OR DEVELOPMENT

Not Applicable.

BACKGROUND OF THE INVENTION

1. Field of the Invention

This invention relates generally to satellite broadcast systems and, more particularly, to a conditional access system for encrypting and decrypting data.

2. Related Art

A conditional access system is used to permit access to a transport stream only to subscribers who have paid for it. This is generally done by distributing the transport stream in encrypted form. Although any integrated receiver-decoder (IRD) that is connected to a satellite broadcast network can receive the encrypted transport stream, only the IRDs of those authorized subscribers are able to decrypt the encrypted transport stream. The IRD determines whether the encrypted transport stream should be decrypted and, if so, to decrypt it to produce a decrypted transport stream comprising information making up the broadcast program.

After a subscriber has purchased a service, a service provider sends messages to the subscriber's IRD with an authorization stream for the purchased services. The authorization stream may be sent with the transport stream or may be sent via a separate channel to an IRD. Various techniques have been used to encrypt the authorization stream. The authorization stream may include a seed as a key for a service of the service provider and an indication of what programs in the service the subscriber is entitled to receive. If the authorization stream indicates that the subscriber is entitled to receive the program of an encrypted transport stream, the IRD decrypts the encrypted transport stream using the received seed.

A well known problem concerning such conditional access systems is that the IRDs may suffer either carrier fades or be switched between carriers bearing the same instantiation of the service provider. It is therefore desirable for the IRDs to recover and pass a correctly decrypted transport stream to downstream processing stages as quickly as possible. However, the magnitude of time delay in the recoveries, on a typical large network (12,000 satellite IRDs) can be extremely long, such as one or two minutes in legacy systems. Other implementations of conditional access solve the problem of quick restoration of the IRD's decrypter by either risking that still-scrambled material may inadvertently be passed to the downstream processing stages, or consuming far more bandwidth in the transport stream to send cyphered seeds.

Hence, there is a need in the industry for an efficient and reliable technique for rapidly decrypting data after brief or extended loss of transport or authorization streams due to short carrier fades or switches. For that purpose, the conditional access system should allow the IRDs to quickly determine, after restoration of the data link following a carrier fade or switch, whether their stored copies of the decryption seeds are still current and correct. Furthermore, it is needed to greatly reduce the likelihood that the carrier fade or switch could prevent the IRD from getting at least one copy of its own messages without the need for consuming large amounts of bandwidth.

SUMMARY OF THE INVENTION

It is in view of the above problems that the present invention was developed. The present invention is a satellite broadcast conditional access system with key synchronization that allows the IRDs to quickly restart the decrypting process after short carrier fades and after carrier switches when they are within the same protected network. The invention uses an indexed authorization stream allowing the IRDs to quickly decide, after restoration of the data link following a carrier fade or switch, whether their stored copies of the decrypting seeds are still current and correct. The invention also uses multiple transmissions of the cyphered seeds during each distribution period providing the IRD with multiple opportunities to receive the current seed.

For the first attribute, the index numbers on all the authorization streams are assigned in a manner such that the authorization stream may be identified and that the specific time epoch of those cyphered seeds may be determined. When a conditional access server program initializes, it randomly selects the starting index number from a domain of numbers, and applies this number to each and every authorization stream bearing a cyphered seed. Then, while in operation, it increments that index by a predefined value at each new distribution period, i.e., an odd/even flavor switch according to the preferred embodiment. The IRDs, in their turn, after reestablishing connection to the carrier-borne transport stream, may quickly retrieve the index numbers being issued in the authorization stream and compare them to the same for both flavors of the cyphered seeds it keeps in volatile storage. If those numbers match, then the IRD will then immediately decypher those seed(s) and restart decrypting on the transport stream knowing it is using the correct seed. This restart may commence very quickly after the authorization stream is detected, and that the IRD need not wait until its own messages are received and decyphered.

For the second attribute, the distribution of the cyphered seeds is repeatedly sent with considerable delay between the cyphered seed messages. This greatly reduces the likelihood that a carrier switch or a short fade could prevent the IRD from getting at least one copy of its own cyphered seed message during each distribution period.

Further features and advantages of the present invention, as well as the structure and operation of various embodiments of the present invention, are described in detail below with reference to the accompanying drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

The accompanying drawings, which are incorporated in and form a part of the specification, illustrate the embodiments of the present invention and together with the description, serve to explain the principles of the invention. In the drawings:

FIG. 1 illustrates a systematic diagram of a satellite broadcast conditional access system according to the present invention;

FIG. 2 illustrates a flowchart of operations that are performed at a conditional access server to generate authorization stream sent to cryptographic multiplexers;

FIG. 3 illustrates a diagram of how authorization stream is structured during a flavor distribution period;

FIG. 4 illustrates a flowchart of operations that are performed to decypher authorization stream and encrypt transport stream using an encryption seed at a cryptographic multiplexer;

FIG. 5 illustrates a flowchart of operations that are performed at an IRD to decypher authorization stream and maintain IRD synchronization to the conditional access system in steady state operation;

FIG. 6 illustrates a diagram of conditional access system timing for key synchronization when an authorization stream is distributed and a transport stream is encrypted at the cryptographic multiplexer and decrypted at the IRD; and

FIG. 7 illustrates a flowchart of operations that are performed at the IRD to rapidly decrypt data by key synchronization and indexing after brief or extended loss of transport stream.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

Referring to the accompanying drawings in which like reference numbers indicate like elements, FIG. 1 illustrates a systematic diagram of a satellite broadcast conditional access system 10 according to the present invention. The conditional access system 10 provides dynamic scrambling security to an entire MPEG transport stream 12. The conditional access system 10 generally consists of a server 14 and receivers 20. In a preferred embodiment of the invention, the server 14 is comprised of a conditional access server 16 and cryptographic multiplexers 18. The receivers 20 are generally referred to as integrated receiver-decoders (IRDs) 20.

The encryption function 22 in the conditional access server 16 provides an authorization stream 24 bearing cyphered messages which can only be decyphered and read by authorized devices. These messages give the cryptographic multiplexers 18, at the satellite uplink, and the authorized IRDs 20, at the downlink sites, a sequence of cyphered encrypting seeds. The cryptographic multiplexers 18 extract their own cyphered encryption seeds using their own serial number, and their decrypter 26 decyphers the cyphered encrypting seeds to get an encryption seed. These seeds initialize scrambler 28, in the cryptographic multiplexers 18 which appears to randomly encrypt the encrypt able portions of the MPEG transport stream 12. The authorization stream 24 and the encrypted transport stream 30 are transmitted through an interposed satellite broadcast network 31 by the multiplexer 32 and received by the input module 34 of the IRDs 20. Like the cryptographic multiplexers 18, the host microprocessor 36 of IRDs extract their own cyphered encryption seeds using their own serial number, and their decrypters 38 decypher the cyphered encrypting seeds to get an original encryption seed. Since the encrypting operation is symmetric, the encrypting seed sent to the IRDs 20 allows descrambler 40 to decrypt the transport stream encrypted by the cryptographic multiplexer 18.

At the uplink site, a conditional access server 16 runs the conditional access system 10. It can retrieve database information 41 from a conditional access database 42 by a network connection to the conditional access server 16 if on separate machines. This information is used to build and edit a list of authorized IRDs 20 by serial number n 102 under local operator control. FIG. 2 illustrates a flowchart of operations that are performed at a conditional access server 16 to generate authorization stream 24 sent to cryptographic multiplexers 18. At initialization, or after any change to the authorized list, the conditional access server 16 accesses its encryption function 22 (operation 200). This function contains a secret identification number W 112 unique to the particular customer (operation 210). In the case where the conditional access system 10 is controlled by a service provider and one or more customers are using the system, the secret identification number is only known by each respective customer and is not known to or accessible by any person at the service provider. The serial numbers 102 are reported to the encryption function 22 (operation 200) and, for each one, the encryption function 22 finds the encrypted serial number Sn 114 by implementing the function Sn=F (W∥n); where ‘∥’ is the concatenation operator, and where “F( )” is a one-way hash function, i.e., a function that is computationally easy to perform in one direction, but extremely difficult to reverse (operation 210). The encryption function 22 then provides the Sn's 114 to the conditional access server 16.

When the conditional access server's encryption engine is activated, it generates a sequence of random numbers Ki 122 and associated index numbers i 124 (operation 220). While each Ki in the sequence is independently random, the i values preferably begin with a randomly selected number, i.e., the initial index number is randomly generated. In a preferred embodiment of the invention, the i index then increments by a given value, preferably one, for each new (Ki,i) pair 122, 124 that is generated. For each pair 122, 124 in the sequence, the conditional access server 16 creates a cyphered message for every authorized IRD 20 plus all encrypting cryptographic multiplexers 18. It does this using the list of secret serial numbers Sn 114. Each cyphered message (CM) contains a value Cni 126, the index i, 124 the destination unit serial number n 102, and an even/odd flavor indicator 128. The value Cni is calculated (operation 220): Cni=Ki xor F(Sn∥i) and it is called the cyphered seed 126. After the entire set of cyphered messages is distributed, the conditional access server 16 sends either an encryption ON or OFF message 130, addressed to all. The aggregate of all these messages (Cni 126, i 124, n 102, an even/odd flavor indicator 128, an encryption ON or OFF message 130) is generally called the authorization stream 24. This stream then feeds the cryptographic multiplexers 18 (operation 230).

The authorization stream 24 is preferably structured as shown in FIG. 3. The time interval over which cyphered messages are used to distribute a (Ki,i) pair 122, 124 to the universe of IRDs 20 and cryptographic multiplexers 18 is the odd/even flavor distribution period 142. Within this period, all the cyphered messages 144 intended for the downlink IRDs 20 are sent first as an ordered group. The ordered group is a set of cyphered messages (CM1, CM2, . . . , CMm) corresponding with the group of IRDs (IRD1, IRD2, . . . , IRDm), respectively. For each distribution period, the cyphered messages will all contain the same index number and even/odd flavor indicator, but will vary according to the IRDn serial numbers (Sn1, Sn2, . . . , Snnm). Of course, the cyphered seed 126 will also vary according to the different serial numbers based on operation 220. Then that whole set of messages 146 is repeated in the same order. Following this, there is a delay period 148 where no messages are transmitted. Then cyphered messages 150 addressed to all the cryptographic multiplexers 18 listed in the conditional access database 42 are sent, in order, just once. This is followed preferably, without delay, by some number of encryption ON or OFF commands 130. After this, there is another delay 154 before transmission of the next (Ki,i) pair 122, 124 begins, which preferably has the opposing odd/even flavor 156.

In a preferred embodiment of the invention, the conditional access system 10 may be in one of three states. They are (1) encryption off; (2) encryption on and starting up; (3) encryption on static. In the first state, the engine continues to create the (Ki,i) pairs 122, 124, but only a single encryption off authorization message is sent at the end of each distribution period. In the second state, the engine begins distribution of the encrypting seeds. At the end of the first two distribution periods, the conditional access server 16 sends an encryption off message 130 to all devices. After the second state, the conditional access system 10 enters the third state. Here, after the seeds have been distributed to the IRDs 20 and cryptographic multiplexers 18, an encryption on message 130 is sent to all devices. Note that there is no similar transition from the encryption on state to the off state. As soon as the user orders encryption to stop, distribution of new seeds ceases immediately and the very next authorization message sent is an encryption off message 130.

In the preferred embodiment of the invention, the list of all cryptographic multiplexers 18 which may do encryption is found in the associated conditional access database 42. The presence or absence of the cryptographic multiplexer 18 from conditional access system's authorized list does not mean the same thing as the presence or absence of an IRD 20, as shall be seen. If a cryptographic multiplexer 18 is in the conditional access database 42, then, when the conditional access state is encryption on, the cryptographic multiplexer 18 will always be receiving addressed authorization messages from the conditional access system 10. However, the cryptographic multiplexer behavior is then affected by the conditional access mode in use while encryption is on. In the preferred embodiment of the invention, only the authorized cryptographic multiplexers 18 receive addressed encryption on commands, while the unauthorized cryptographic multiplexers (in the conditional access database but not authorized in conditional access) receive addressed encryption off commands. For all networks logically connected to those unauthorized cryptographic multiplexers 18, this has the effect of leaving them completely in the clear (unencrypted).

The cryptographic multiplexer 18 has three functions within the conditional access system 10: (1) to receive and decypher the next encrypting seed, (2) to encrypt the required program IDs (PIDs) in the MPEG transport stream 12 using that seed, and to (3) inject the authorization stream into a ghost PID of the transport stream for use by the authorized IRDs. In support of these functions, the cryptographic multiplexer 18 accepts the authorization stream 24 from the conditional access server 16. In addition, it accepts an MPEG transport stream 12, provides the encrypting processing, and then outputs it, preferably for ultimate distribution to a network of downlink IRDs 20.

FIG. 4 illustrates a flowchart of operations that are performed to decypher authorization stream 24 and encrypt transport stream 12 using an encryption seed 122 at a cryptographic multiplexer 18. Near the end of the flavor distribution period 142 of a particular odd/even flavor 128, there is sequence of authorization streams 24 directed to cryptographic multiplexers 18. If the host processor in a cryptographic multiplexer receiving the stream detects it's own unit serial number n 102 in an authorization stream 24 (operations 400 and 410), then that stream is passed to a decrypter 26. This decrypter, when it was programmed at the factory, had been given the unit's pre-calculated, encrypted serial number Sn 114. This is the same Sn also calculated by the encryption function 22 in the conditional access server 16. So the decrypter 26 then takes the incoming (Cni,i) pair and computes the corresponding Ki 122 from the equation (operation 420): Ki=Cni xor F(Sn∥i). This is the same Ki value which originated in the conditional access server 16. It is an encryption seed value 122, which is then loaded into the encrypting hardware, scrambler 28.

In a preferred embodiment of the invention, once the new encryption seed value is available, the host processor immediately sets the scrambler 28 to begin encrypting using that value if (1) the conditional access server 16 has previously sent an encryption ON command 130 more recently than an encryption OFF command, and (2) the cryptographic multiplexer 18 has been set to accept those commands. The encryption seed value used for encrypting is the starting state of a linear feedback shift register (LFSR) generator of the scrambler 28 (operation 430), a device which creates a pseudo-random bit sequence. This sequence of bits is XOR'd with several of the low-order bits in nearly every byte of the payload of the eligible MPEG packets 12, not including the authorization stream-carrying packets. The encryption bit on those packets is then set to indicate to IRD descrambler 40 that those packets are encrypted. In addition, the even-odd bit is set to show which flavor of seed was used to do that encrypting. When the next encryption seed is received by the cryptographic multiplexer 18, it will have the opposing flavor, and when transport streams are encrypted using that new encryption seed, the odd-even bit in the transport streams is toggled to that new opposing state.

While the cryptographic multiplexer 18 is decyphering new encryption seeds and using them to encrypt the transport stream 12, it is also injecting the authorization stream 24 into the transport (operation 440). This operates as a simple logical pipe from the cryptographic multiplexer host processor to all the IRD host processors 36. The authorization stream 24 is inserted as the payload into MPEG packets. As these packets are built, they are queued within the cryptographic multiplexer 18. Each authorized IRD 20 in the receiving network has three tasks to perform within this conditional access system 10: (1) extract and decypher its own authorization streams to get new encryption seeds, (2) decrypt the encrypted transport stream packets 30 and pass the new clear packets to the payload processing portion of the IRD 20, and (3) achieve and maintain synchronization to the timing of the cryptographic multiplexer scrambler 28, to ensure that decrypting is done with the correct seed.

FIG. 5 illustrates a flowchart of operations that are performed at an IRD 20 to decypher authorization stream 24 and maintain IRD synchronization to the conditional access system 10 in steady state operation. In each IRD 20 receiving the encrypted transport stream 30, the authorization stream 24 is demultiplexed out by the transport demux chip 44 (operation 500). This stream 24 is passed to the local host microprocessor 36 and it extracts the secret (Cni,i) 126, 124 message addressed to that particular unit by serial number 102 (operation 510). In a preferred embodiment of the invention, every IRD's (Cni,i) message is sent twice (refer to FIG. 3), which greatly reduces the likelihood that a carrier switch or a short fade could prevent the IRD 20 from getting at least one copy of its own cyphered seed message during each flavor distribution period. As received, cyphered messages are passed to the decrypter 38. This decrypter 38 is preferably identical to the decrypter 26 installed in cryptographic multiplexers 18. It proceeds to decypher the new Ki seed values 122 in the same manner as the decrypter 26 within the cryptographic multiplexer 18 (operation 520). Those new seeds are then loaded to the odd/even flavor register in the descrambler 40 corresponding to that seed's flavor (operation 530). When this is done, a flag is set in the descrambler 40 to signal that a new valid seed of a particular odd/even flavor is available.

As described above, the IRD 20 detects authorization streams 24 addressed to itself and routes the enclosed (Cni,i) pair 126, 124 to the decrypter 38. In addition, it maintains a circular buffer in volatile memory where the last messages received of each odd/even flavor are stored. When new messages are received, they overwrite the previous message of the same flavor. The purpose of this, which shall be discussed in more detail below, is to provide a way for IRDs 20 to recover from brief losses of transport stream input and, of course, loss of the authorization stream as well.

The IRD 20 accepts an incoming MPEG transport stream 12, either from a satellite carrier or from a terrestrial interface. It applies a process of decrypting the transport stream which is essentially identical to the encrypting operation. The payload of the transport stream packets are XOR'd by the same pseudo-random bit sequence which encrypted them jin the cryptographic multiplexer 18. This process restores the payloads of those transport stream packets back to the clear or normal state. Those packets are then routed to the downstream processing circuitry 46 within the IRD 20.

IRD synchronization to the conditional access system 10 differs depending on the state of the system. Steady state operation of an authorized IRD 20 and the several transient states are discussed in detail below: (1) authorization by conditional access system, (2) de-authorization by conditional access system, (3) brief transport stream loss, and (4) extended transport stream loss.

In steady state operation of the system, authorization streams bearing the cyphered seeds of a particular flavor are distributed to the cryptographic multiplexers 18 and IRDs 20 while those same units are encrypting and decrypting with the previously distributed seed of the opposing odd/even flavor. Within the IRDs themselves, the synchronization is maintained as follows. When a seed of a particular flavor is received, decyphered, and loaded to the IRD 20, an X_SEED_WRITTEN flag is SET within the IRD 20 (where X designates the seed's odd/even flavor). When the IRD detects that the odd/even flavor bit in the incoming encrypted transport streams changes (operation 540, referring to FIG. 5), it looks to see if the X_SEED_WRITTEN flag corresponding to the new flavor is set (test 550). If so, it knows it has a valid seed for that new flavor, and it begins decrypting immediately (operation 560). If not, it blocks all incoming encrypted transport streams 30 from entering the IRD demux chip 44 and clears the X_SEED_WRITTEN flag (operation 570). When the very next flavor change occurs in the incoming encrypted transport packet stream 30, that same flag clears in anticipation of the distribution of the next seed of that flavor.

FIG. 6 illustrates a diagram of conditional access system timing for key synchronization when an authorization stream is distributed and a transport stream is encrypted at the cryptographic multiplexer 18 and decrypted at the IRD 20. The new odd seed is written to odd seed register 158, setting the ODD_SEED_WRITTEN flag. At that moment, the incoming transport stream is still being encrypted with the previous even seed 160 at the cryptographic multiplexer 18 during an even flavor period 162. Later, the transport stream flavor 128 switches from even to odd. The odd seed then begins being used to decrypt at the IRD 20 during an odd flavor period 164. At the next flavor switch within the transport stream, from odd back to even, the ODD_SEED_WRITTEN flag will be cleared. But the authorization stream distribution period 164 for odd seeds is just beginning, and soon a new odd seed will be received, setting the flag once again. At that time, new even seed is written to even seed register 166, setting the EVEN_SEED_WRITTEN flag.

When an IRD 20 is unauthorized in the conditional access system 10, it does not receive the cyphered authorization streams, addressed to itself, bearing its own (Cni,i) value pair. Without the (Cni,i) pair 126, 124, seeds cannot be decyphered, so the X_SEED_WRITTEN flags remain continuously clear, and the IRD removes all incoming encrypted transport streams and substitutes null streams. When the IRD 20 is first authorized in the conditional access system 10, authorization streams addressed to it begin to be received. In the flavor distribution period corresponding to the first addressed stream received by the IRD 20, the IRD basically performs the following steps: (1) a seed of a particular flavor is later received, decyphered, and loaded to the descrambler 40, setting that respective X_SEED_WRITTEN flag; (2) the odd/even flavor bit in the incoming encrypted transport stream packets later changes over to that flavor; and (3) the seed is used to decrypt the encrypted transport streams. Starting with the steady state described earlier, when an RD 20 is de-authorized by conditional access system 10, it stops receiving authorization streams.

Since the IRDs 20 may suffer either short carrier fades or deliberate carrier switches between carriers bearing the same instantiation of a conditional access system 10, transport streams could be briefly lost. FIG. 7 illustrates a flowchart of operations that are performed at the IRD 20 to rapidly decrypt data by key synchronization and indexing after brief or extended loss of transport stream. When the transport stream is first lost (operation 700), the IRD host 36 resets the descrambler 40 (operation 710). This clears the X_SEED_WRITTEN flags and will block encrypted transport packets from entering the IRD demux chip 44. But, authorization stream will not be blocked. Later, when the host 36 detects the restored transport stream (operation 720), it will begin monitoring the authorization stream channel (if available). The first authorization stream 24 detected, even if not addressed to itself, will be examined for its i index 124 and its odd/even flavor 128 (operation 730). The IRD host 36 will then exploit the simple knowledge that if the currently distributed encryption seed has an index of i0, then the current encrypting is being done using the seed associated with index i0−1. If either of the stored authorization streams has an i index value equal to either i0 or i0−1 l (test 740), then the assumption is made that (1) the new transport stream bears the same authorization stream as before and (2) the IRD 20 already has the stored authorization streams corresponding at least to the current seed being used to encrypt. In this case, the IRD 20 then progresses through the following sequence: (1) the stored authorization streams whose i index values equal i0 or i0−1 are sent by the IRD host 36, in order of increasing magnitude, to the decrypter 38; (2) the decrypter 38 decyphers one or two authorization streams and the Ki 122 results are loaded to the respective odd/even flavor encrypting register(s) (operation 750); (3) the X_SEED_WRITTEN flags corresponding to whichever flavor seed(s) was/were loaded are set; (4) the next arriving encrypted transport stream is treated as if it was logically an odd/even flavor change and, if the X_SEED_WRITTEN flag for the new incoming encrypting flavor is set; (5) the IRD descrambler 40 commences to decrypt all the incoming encrypted transport streams (operation 760). The IRD then functions as described in the steady state operation.

For all losses of transport streams, the X_SEED_WRITTEN flags are cleared, the IRD host 36 resets the descrambler 40. As just described, when the transport stream is restored, the IRD host 36 examines the first authorization streams received. In the case where the first incoming authorization stream's i index value is not exactly equal to, or is not equal to one more than either of the i index values in the stored authorization streams, then the IRD host 36 assumes that the stored cyphered seeds are unusable. From then on, it behaves as if it had just boot up. The IRD 20 remains unauthorized until the IRD first gets an addressed cyphered seed through authorization stream and, thence until the succeeding transport encrypting flavor switch. Note that this holds true if the IRD 20 switched to an encrypted transport stream with a different authorization stream, or if the IRD 20 has been disconnected from the original authorization stream for an extended period. In a preferred embodiment of the invention, an extended period would be any outage exceeding half of the difference between flavor distribution period 142 and the total delays 148, 154 where double-sending of the cyphered seeds is employed (referring to FIG. 3). Failing to use double-sending of the seeds could cause an IRD 20 to miss its current seed distribution on even the shortest outages. In this case, the IRD 20 will appear to initially recover after an outage, but revert to unauthorized at the next flavor switch and remain that way through that next flavor distribution period.

In view of the foregoing, it will be seen that the several advantages of the invention are achieved and attained. The embodiments were chosen and described in order to best explain the principles of the invention and its practical application to thereby enable others skilled in the art to best utilize the invention in various embodiments and with various modifications as are suited to the particular use contemplated.

As various modifications could be made in the constructions and methods herein described and illustrated without departing from the scope of the invention, it is intended that all matter contained in the foregoing description or shown in the accompanying drawings shall be interpreted as illustrative rather than limiting. Thus, the breadth and scope of the present invention should not be limited by any of the above-described exemplary embodiments, but should be defined only in accordance with the following claims appended hereto and their equivalents.

Citations de brevets
Brevet cité Date de dépôt Date de publication Déposant Titre
US451898930 sept. 198221 mai 1985Hitachi, Ltd.Buffer memory dispersion type video/audio transmission system with spatially and timewise divided inter-office junction lines
US453817626 nov. 197927 août 1985Hitachi, Ltd.Buffer memory dispersion type video/audio transmission system
US45785319 juin 198225 mars 1986At&T Bell LaboratoriesEncryption system key distribution method and apparatus
US47193641 oct. 198512 janv. 1988Pulizzi Engineering, Inc.Multiple time delay power controller apparatus
US472328320 juin 19862 févr. 1988Sony CorporationData transmission system
US476178512 juin 19862 août 1988International Business Machines CorporationParity spreading to enhance storage access
US486461527 mai 19885 sept. 1989General Instrument CorporationReproduction of secure keys by using distributed key generation data
US488729616 oct. 198712 déc. 1989Ricoh Co., Ltd.Cryptographic system for direct broadcast satellite system
US490303120 oct. 198720 févr. 1990Trio Kabushiki KaishaSatellite receiver
US493006214 sept. 198929 mai 1990Nec CorporationComputer power supply with optically isolated shutdown circuits
US498589514 nov. 198815 janv. 1991Wegener Communications, Inc.Remote controlled receiving system apparatus and method
US501991012 sept. 198828 mai 1991Norsat International Inc.Apparatus for adapting computer for satellite communications
US502923212 janv. 19892 juil. 1991Cycle-Sat., Inc.Satellite communications network
US50365373 avr. 198730 juil. 1991General Instrument Corp.Geographic black-out method for direct broadcast satellite system
US504609229 mars 19903 sept. 1991Gte Laboratories IncorporatedVideo control system for transmitted programs
US505406429 mars 19901 oct. 1991Gte Laboratories IncorporatedVideo control system for recorded programs
US523564321 mai 199110 août 1993Anderson Steven ESatellite receiver retuning system
US53675712 déc. 199222 nov. 1994Scientific-Atlanta, Inc.Subscriber terminal with plug in expansion card
US53814814 août 199310 janv. 1995Scientific-Atlanta, Inc.Method and apparatus for uniquely encrypting a plurality of services at a transmission site
US54045051 nov. 19914 avr. 1995Finisar CorporationSystem for scheduling transmission of indexed and requested database tiers on demand at varying repetition rates
US54103264 déc. 199225 avr. 1995Goldstein; Steven W.Programmable remote control device for interacting with a plurality of remotely controlled devices
US542101714 janv. 199430 mai 1995Siemens AktiengesellschaftReal time control system and method for replacing software in a controlled system
US544063228 mars 19948 août 1995Scientific-Atlanta, Inc.Reprogrammable subscriber terminal
US548557716 déc. 199416 janv. 1996General Instrument Corporation Of DelawareMethod and apparatus for incremental delivery of access rights
US555057617 avr. 199527 août 1996Starsight Telecast IncorporatedMethod and apparatus for merging television program schedule information received from multiple television schedule information sources
US559449023 mai 199414 janv. 1997Cable Services Technologies, Inc.System for distributing video/audio files from central location to a plurality of cable headends
US56443549 oct. 19921 juil. 1997Prevue Interactive, Inc.Interactive video system
US565111528 déc. 199422 juil. 1997Sony CorporationApparatus for supplying a leading-end signal from leading-end memory means thereafter supplying the corresponding information signal from a storage means via a buffer means
US56574141 déc. 199212 août 1997Scientific-Atlanta, Inc.Auxiliary device control for a subscriber terminal
US568452528 mars 19964 nov. 1997Starsight Telecast IncorporatedMerging multi-source information in a television system
US56943346 sept. 19952 déc. 1997Starguide Digital Networks, Inc.Method and apparatus for electronic distribution of digital multi-media information
US571296910 sept. 199427 janv. 1998Robert Bosch GmbhMethod for completely reprogramming an erasable, non-volatile memory
US571788728 juil. 199510 févr. 1998Nomai SaSystem for the automatic substitution of control firmware embedded in a removable disk drive
US575195016 avr. 199612 mai 1998Compaq Computer CorporationSecure power supply for protecting the shutdown of a computer system
US575493831 oct. 199519 mai 1998Herz; Frederick S. M.Pseudonymous server for system for customized electronic identification of desirable objects
US576140611 août 19972 juin 1998Fujitsu LimitedMethod of controlling data transfer and a safe shutdown in a hierarchical cache system during power cut-off
US57647732 nov. 19949 juin 1998Kabushiki Kaisha ToshibaRepeating device, decoder device and concealment broadcasting
US579908326 août 199625 août 1998Brothers; Harlan JayEvent verification system
US580570529 janv. 19968 sept. 1998International Business Machines CorporationSynchronization of encryption/decryption keys in a data communication network
US581540929 oct. 199629 sept. 1998Samsung Electronics Co., Ltd.Control system and method for automatic shutdown of a power supply
US581566215 août 199629 sept. 1998Ong; LancePredictive memory caching for media-on-demand systems
US58284025 déc. 199627 oct. 1998Canadian V-Chip Design Inc.Method and apparatus for selectively blocking audio and video signals
US58289458 août 199627 oct. 1998Starsight Telecast, Inc.Merging multi-source information in a television system
US586462112 juin 199626 janv. 1999Multichannel Communication Sciences, Inc.Broadband television scrambling and descrambling system
US58728467 nov. 199616 févr. 1999Mci Communications CorporationSystem and method for providing security in data communication systems
US588673317 mai 199623 mars 1999Sun Microsystems, Inc.Method and apparatus for successive refinement of broadcasted video frames
US589276711 mars 19976 avr. 1999Selsius Systems Inc.Systems and method for multicasting a video stream and communications network employing the same
US589869527 mars 199627 avr. 1999Hitachi, Ltd.Decoder for compressed and multiplexed video and audio data
US590376613 janv. 199711 mai 1999Packard Bell Nec, Inc.Suspend/resume capability for a protected mode microprocessor
US591791520 juin 199529 juin 1999Sony CorporationScramble/descramble method and apparatus for data broadcasting
US591805915 août 199729 juin 1999Compaq Computer CorporationMethod and apparatus for responding to actuation of a power supply switch for a computing system
US592062620 déc. 19966 juil. 1999Scientific-Atlanta, Inc.Analog/digital system for television services
US592336228 mars 199713 juil. 1999Starsight Telecast, Inc.Merging multi-source information in a television system
US593051530 sept. 199727 juil. 1999Scientific-Atlanta, Inc.Apparatus and method for upgrading a computer system operating system
US593666010 déc. 199710 août 1999Rockwell Semiconductor System, Inc.Digital video converter box for subscriber/home with multiple television sets
US597372312 déc. 199726 oct. 1999Deluca; Michael JosephSelective commercial detector and eliminator apparatus and method
US598751828 oct. 199616 nov. 1999General Instrument CorporationMethod and apparatus for communicating internet protocol data over a broadband MPEG channel
US598751919 sept. 199716 nov. 1999Georgia Tech Research CorporationTelemedicine system using voice video and data encapsulation and de-encapsulation for communicating medical information between central monitoring stations and remote patient monitoring stations
US599180022 mai 199723 nov. 1999Motorola, Inc.Method and apparatus for providing internet service at a subscriber premise
US599965416 juil. 19977 déc. 1999Matsushita Electric Industrial Co., Ltd.Image processor capable of transferring image data from an input buffer to memory at a high rate of speed
US602372322 déc. 19978 févr. 2000Accepted Marketing, Inc.Method and system for filtering unwanted junk e-mail utilizing a plurality of filtering mechanisms
US602586920 août 199615 févr. 2000Music CorporationVideo viewing supervision system
US602643928 oct. 199715 févr. 2000International Business Machines CorporationFile transfers using playlists
US604078126 mai 199821 mars 2000MotorolaEvent reminder for a communication device
US60408505 mai 199721 mars 2000Electronics And TelecommunicationsMethod for interfacing between transmitter and receiver of digital broadcasting system through satellite
US604420529 févr. 199628 mars 2000Intermind CorporationCommunications system for transferring information between memories according to processes transferred with the information
US605492015 oct. 199625 avr. 2000Interactive Technologies,Inc.Alarm system receiver supervisor
US606730011 juin 199823 mai 2000Cabletron Systems, Inc.Method and apparatus for optimizing the transfer of data packets between local area networks
US607298313 oct. 19986 juin 2000Starsight Telecast, Inc.Merging multi-source information in a television system
US60946719 oct. 199725 juil. 2000Starguide Digital Networks, Inc.Aggregate information production and display system
US609766229 janv. 19991 août 2000Mitsubishi Denki Kabushiki KaishaDynamic semiconductor memory device with low power consumption mode increasing electrostatic capacity of memory cell than in normal operation mode
US610118012 nov. 19978 août 2000Starguide Digital Networks, Inc.High bandwidth broadcast system having localized multicast access to broadcast content
US611365212 févr. 19985 sept. 2000General Data Comm, Inc.Communications network equipment capable of non-disruptive software upgrade
US611582420 janv. 19985 sept. 2000Samsung Electronics Co., Ltd.Apparatus and a method for avoiding the accidental termination of computer power
US61345896 mai 199817 oct. 2000Telefonaktiebolaget Lm EricssonDynamic quality control network routing
US615474523 déc. 199728 nov. 2000Nokia Mobile Phones Ltd.Method for transmission of information to the user
US615772223 mars 19985 déc. 2000Interlok Technologies, LlcEncryption key management system and method
US61638098 déc. 199719 déc. 2000Microsoft CorporationSystem and method for preserving delivery status notification when moving from a native network to a foreign network
US616980217 déc. 19962 janv. 2001Motorola, Inc.Dynamic private key security system for personal messaging devices
US617333017 sept. 19969 janv. 2001Motorola, Inc.Delivery and acquisition of data segments with optimized inter-arrival time
US61821877 avr. 199330 janv. 2001Compaq Computer CorporationSystem ROM including a flash EPROM and a ROM for storing primary boot code replacing a block flash EPROM
US62194225 mars 199817 avr. 2001Sony CorporationData transmitting apparatus, receiving apparatus, and data transmission and reception system
US622292315 déc. 199724 avr. 2001Deutsche Telekom AgMethod for securing system protected by a key hierarchy
US623016314 août 19988 mai 2001U.S. Philips CorporationTransient datastream-processing buffer memory organization with software management adapted for multilevel housekeeping
US624018811 nov. 199929 mai 2001Matsushita Electric Industrial Co., Ltd.Distributed group key management scheme for secure many-to-many communication
US62467528 juin 199912 juin 2001Valerie BscheiderSystem and method for data recording
US625093029 mai 199826 juin 2001Picante Communications CorporationMulti-functional communication and aggregation platform
US62526526 mai 199926 juin 2001Lifetouch Portrait Studios, Inc.High speed package printer
US625302717 juin 199626 juin 2001Hewlett-Packard CompanySystem, method and article of manufacture for exchanging software and configuration data over a multichannel, extensible, flexible architecture
US626298220 janv. 200017 juil. 2001Starguide Digital Networks, Inc.High bandwidth broadcast system having localized multicast access to broadcast content
US626633913 mai 199924 juil. 2001Starguide Digital Networks, Inc.High bandwidth broadcast system having localized multicast access to broadcast content
US626681017 avr. 199824 juil. 2001Matsushita Electric Industrial Co., Ltd.Remote program downloading system and apparatus
US627254927 mai 19987 août 2001Hewlett Packard CompanyMethod for using electronic mail for exchanging data between computer systems
US629258625 janv. 199918 sept. 2001Fujitsu LimitedArithmetic unit, correlation arithmetic unit and dynamic image compression apparatus
US631716226 oct. 199913 nov. 2001Sanyo Electric Co., Ltd.Digital television receiver including non-volatile memory
US63318763 nov. 199718 déc. 2001U.S. Philips CorporationMethod of updating software in a video receiver
US63321989 juin 200018 déc. 2001Equipe Communications CorporationNetwork device for supporting multiple redundancy schemes
US634337918 mars 199929 janv. 2002Sony CorporationReceiver and program updating method
US635152420 janv. 199926 févr. 20023Com CorporationToll saving method and apparatus for a remote access system
US635963617 juil. 199519 mars 2002Gateway, Inc.Graphical user interface for control of a home entertainment system
US637394815 août 199716 avr. 2002Lucent Technologies Inc.Cryptographic method and apparatus for restricting access to transmitted programming content using program identifiers
US637798120 nov. 199723 avr. 2002Cyberstar, L.P.Modular digital data communication cyberstation and cyberserver
US637812930 mars 199823 avr. 2002International Business Machines CorporationVideo server content synchronization
US638564718 août 19977 mai 2002Mci Communications CorporationsSystem for selectively routing data via either a network that supports Internet protocol or via satellite transmission network based on size of the data
US639358523 déc. 199821 mai 2002Scientific-Atlanta, Inc.Method and apparatus for restoring operating systems in a set-top box environment
US640026524 avr. 20014 juin 2002Microstrategy, Inc.System and method for monitoring security systems by using video images
US640124222 juin 20004 juin 2002General Instrument CorporationMethod and apparatus for designating a preferred source to avoid duplicative programming services
US641161619 avr. 200025 juin 2002Starguide Digital Networks, Inc.High bandwidth broadcast system having localized multicast access to broadcast content
US641532930 oct. 19982 juil. 2002Massachusetts Institute Of TechnologyMethod and apparatus for improving efficiency of TCP/IP protocol over high delay-bandwidth network
US642167415 févr. 200016 juil. 2002Nortel Networks LimitedMethods and systems for implementing a real-time, distributed, hierarchical database using a proxiable protocol
US642471418 août 199823 juil. 2002Scientific-Atlanta, Inc.Method and apparatus for providing conditional access in connection-oriented interactive networks with a multiplicity of service providers
US642471716 déc. 199923 juil. 2002Scientific-Atlanta, Inc.Encryption devices for use in a conditional access system
US642512713 janv. 200023 juil. 2002International Business Machines CorporationMethod and system for controlling visual access by a user to broadcast video segments
US643022330 oct. 19986 août 2002Lg Electronics Inc.Motion prediction apparatus and method
US644963429 janv. 199910 sept. 2002Digital Impact, Inc.Method and system for remotely sensing the file formats processed by an E-mail client
US64630594 déc. 19988 oct. 2002Koninklijke Philips Electronics N.V.Direct memory access execution engine with indirect addressing of circular queues in addition to direct memory addressing
US646676530 août 199915 oct. 2002K.K. Video ResearchPortable radio listening status recorder
US64670933 févr. 199915 oct. 2002Sony CorporationMethod and apparatus for receiving digital broadcasts
US64704962 août 199922 oct. 2002Matsushita Electric Industrial Co., Ltd.Control program downloading method for replacing control program in digital broadcast receiving apparatus with new control program sent from digital broadcast transmitting apparatus
US64776478 févr. 19995 nov. 2002Postx CorporationSystem and method for providing trade confirmations
US648758928 déc. 199926 nov. 2002Hitachi, Ltd.Information device, information device system control method, and information device system
US64877218 janv. 199926 nov. 2002General Instrument CorporationApparatus and method for digital advertisement insertion in a bitstream
US64877234 mai 199926 nov. 2002Scientific-Atlanta, Inc.Multicast downloading of software and data modules and their compatibility requirements
US6490353 *23 nov. 19983 déc. 2002Tan Daniel Tiong HokData encrypting and decrypting apparatus and method
US649387116 sept. 199910 déc. 2002Microsoft CorporationMethod and system for downloading updates for software installation
US649387618 févr. 199810 déc. 2002Time Warner Entertainment Company, L.P.System and method for providing a full service television system
US65104548 avr. 199921 janv. 2003Intel CorporationNetwork device monitoring with E-mail reporting
US651537630 juin 19994 févr. 2003Knorr-Bremse Systeme für Schienenfahrzeuge GmbHDevice for supplying current and/or voltage to a vehicle trailer for the supply of brake components
US651641216 mars 20014 févr. 2003Scientific-Atlanta, Inc.Authorization of services in a conditional access system
US65164674 août 19984 févr. 2003Gateway, Inc.System with enhanced display of digital video
US65570522 juin 200029 avr. 2003Matsushita Electric Industrial Co., Ltd.DMA transfer device
US657473325 janv. 19993 juin 2003Entrust Technologies LimitedCentralized secure backup system and method
US657780625 oct. 199910 juin 2003Kabushiki Kaisha ToshibaBroadcasting receiver for receiving and regenerating records of digital broadcasting
US661540418 mai 19992 sept. 2003Tadiran Telecom Business Systems Ltd.Method and apparatus for downloading software into an embedded-system
US671497328 janv. 200030 mars 2004Siemens AktiengesellschaftMethod and configuration for operating a communication network
US673132310 avr. 20024 mai 2004International Business Machines CorporationMedia-enhanced greetings and/or responses in communication systems
US673880830 juin 200018 mai 2004Bell South Intellectual Property CorporationAnonymous location service for wireless networks
US679226922 déc. 200014 sept. 2004Bellsouth Intellectual Property CorporationSystem, method and apparatus for tracking deployment of cellular telephone network sites
US685978714 févr. 200322 févr. 2005Ebay, Inc.Method and system for providing order status information using an update status flag
US700705017 mai 200128 févr. 2006Nokia CorporationMethod and apparatus for improved pseudo-random number generation
US70895611 juin 20018 août 2006Microsoft CorporationMethods and systems for creating and communicating with computer processes
US200100038461 déc. 200014 juin 2001New Horizons Telecasting, Inc.Encapsulated, streaming media automation and distribution system
US2001000590222 déc. 200028 juin 2001Bacon Kinney C.Reprogrammable subscriber terminal
US200100219975 déc. 200013 sept. 2001Samsung Electro-Mechanics Co., Ltd.Multichannel-type radio frequency modulation circuit
US2001004357316 févr. 200122 nov. 2001Frank KellySystem and method for providing control of a two-way satellite system
US2001004493420 févr. 200122 nov. 2001Giro HiraiComputer and computer readable recording medium on which program is recorded
US2002000083126 juin 20013 janv. 2002Akya LimitedModular software definable pre-amplifier
US2002000741813 juil. 200117 janv. 2002Vendaria, Inc.Method and system for delivering and monitoring an on-demand playlist over a network
US200200074856 sept. 200117 janv. 2002Rodriguez Arturo A.Television service enhancements
US2002000749414 mai 200117 janv. 2002Hodge Winston W.Interactive digital program material encoder and system
US200200109364 avr. 200124 janv. 2002John AdamDigital broadcasting
US2002001093825 mai 200124 janv. 2002Qian ZhangResource allocation in multi-stream IP network for optimized quality of service
US200200231433 avr. 200121 févr. 2002Stephenson Mark M.System and method for projecting content beyond firewalls
US2002002316529 janv. 200121 févr. 2002Lahr Nils B.Method and apparatus for encoder-based distribution of live video and other streaming content
US2002002664529 janv. 200128 févr. 2002Diva Systems Corp.Method and apparatus for content distribution via non-homogeneous access networks
US2002003417914 août 200121 mars 2002Ville OllikainenIP tunneling service without a return connection
US2002003573014 août 200121 mars 2002Ville OllikainenIP multicast service without a return connection
US2002004047517 avr. 20014 avr. 2002Adrian YapDVR system
US2002004133722 mai 200111 avr. 2002Brant CandeloreMethod for generating and looking-up transaction keys in communication networks
US2002004409427 juin 200118 avr. 2002May Brian DouglasSystem performance for use as feedback control of power supply output of digital receiver when receiver is operated in a standby mode
US2002004640720 févr. 200118 avr. 2002Alexander FrancoUse of web pages to remotely program a broadcast content recording system
US2002004789929 janv. 200125 avr. 2002Diva Systems CorporationMethod and apparatus for preprocessing and postprocessing content in an interactive information distribution system
US200200530738 mai 20012 mai 2002Hidemitsu ShimamotoUpgrading device and method of upgrading
US2002005612223 févr. 20019 mai 2002Kozo YokoyamaNetwork system for distributing video information to clients
US2002005925615 oct. 200116 mai 2002Pumatech, Inc., A Delaware CorporationRemote data access and synchronization
US2002006589130 nov. 200030 mai 2002Malik Dale W.Method and apparatus for automatically checking e-mail addresses in outgoing e-mail communications
US2002006929527 sept. 20006 juin 2002Cadopener.ComllcMethod and apparatus for delivery of data over a network
US2002007143431 oct. 200113 juin 2002Minoru FurukawaData transmitting apparatus, data transmitting method, and program recording medium
US2002008344127 déc. 200027 juin 2002Flickinger Gregory C.Advertisement filtering and storage for targeted advertisement systems
US2002009560016 janv. 200118 juil. 2002Deen Brian J.Sending notification through a firewall over a computer network
US2002009567625 août 199818 juil. 2002Robert A. KneeInteractive television program guide system for determining user values for demographic categories
US200200956898 mai 200118 juil. 2002Novak Robert E.Hardware decoding of media streams from multiple sources
US2002010409727 mars 20021 août 2002Scientific-Atlanta, IncSystem and method for a communication terminal to manage memory and maintain a current application version for multiple applications
US200201059768 déc. 20008 août 2002Frank KellyMethod and apparatus for deriving uplink timing from asynchronous traffic across multiple transport streams
US2002010812419 juin 20018 août 2002Keiji SatoMethod of and apparatus for broadcasting programs, method of and apparatus for receiving programs, and computer product
US200201081268 févr. 20018 août 2002Horowitz Steven M.Background enabled recording in a set top box
US2002010812812 sept. 20018 août 2002Todd LashMethod, apparatus, and system for overlapping enhancement control
US2002011207631 janv. 200115 août 2002Rueda Jose AlejandroInternet protocol-based computer network service
US2002012088528 févr. 200229 août 2002Choi Jong SungApparatus and method for upgrading software
US200201242437 déc. 20015 sept. 2002Broeksteeg Gerard HenricusMethod of and program for updating software
US200201242492 janv. 20015 sept. 2002Shintani Peter RaeTargeted advertising during playback of stored content
US2002012936416 nov. 200112 sept. 2002O2 Holdings, LlcOn-screen display area enabling media convergence useful for viewers and audio/visual programmers
US2002013142821 sept. 200119 sept. 2002Vivian PecusLarge edge node for simultaneous video on demand and live streaming of satellite delivered content
US2002013621823 mars 200126 sept. 2002Cardoso Augusto C.Method and apparatus for receiving interleaved streams of packets through a circular buffer
US2002013864126 mars 200126 sept. 2002Taylor Christopher StephenTargeted multimedia proxy server (tmps)
US2002013885227 nov. 200126 sept. 2002Steven ReynoldsSystem and method for providing an omnimedia package
US2002014429128 mars 20013 oct. 2002Mary SmileyNetwork publication of data synchronized with television broadcasts
US2002014612525 sept. 200110 oct. 2002Ahmet EskiciogluCA system for broadcast DTV using multiple keys for different service providers and service areas
US2002015010217 avr. 200117 oct. 2002Bozidar JankoStreaming media quality analyzer system
US200201524677 sept. 200117 oct. 2002Rosario FiallosAutomated generation of conditional access packets for IRD upgrades via radio frequency software download in satellite television systems
US2002016199725 sept. 200131 oct. 2002Fujitsu LimitedContent distribution system
US200201639354 mai 20017 nov. 2002Terago Communications, Inc.System and method for providing transformation of multi-protocol packets in a data stream
US2002017836025 juil. 200128 nov. 2002Storymail, Inc.System and method for communicating a secure unidirectional response message
US2002018433917 déc. 20015 déc. 2002Radio, Wave.Com, Inc.System and method for coordinating supplemental materials with broadcast material
US2002018452919 avr. 20025 déc. 2002Foster Michael S.Communicating data through a network
US2002018464223 avr. 20025 déc. 2002Lude Peter J.Method and apparatus for opportunistically broadcasting rich media digital content
US2002018465124 oct. 20015 déc. 2002Ken MatsushitaData processing apparatus, information managing method, computer program product for data processing apparatus, and data processing network system
US2002019164022 mai 200219 déc. 2002International Business Machines CorporationMulti-protocol agile framer
US2002019426022 janv. 199919 déc. 2002Kent Lawrence HeadleyMethod and apparatus for creating multimedia playlists for audio-visual systems
US2002019459524 sept. 200119 déc. 2002Miller Douglas A.Aggregation & substitution of user-specified content
US2002019900125 juil. 200126 déc. 2002Storymail, Inc.System and method for conducting a secure response communication session
US2002019909625 juil. 200126 déc. 2002Storymail, Inc.System and method for secure unidirectional messaging
US200300039044 déc. 20002 janv. 2003Soichiro MatsumotoCommunication controller and control method therefor
US2003000503727 juin 20012 janv. 2003Gunnar AijaCrash recovery system
US2003000543929 juin 20012 janv. 2003Rovira Luis A.Subscriber television system user interface with a virtual reality media space
US2003000544429 juin 20012 janv. 2003Crinon Regis J.Carousel exhibiting multiple occurrences of a module
US2003000969425 juil. 20019 janv. 2003Storymail, Inc.Hardware architecture, operating system and network transport neutral system, method and computer program product for secure communications and messaging
US2003000976924 juin 20029 janv. 2003Debra HensgenTrusted application level resource advisor
US2003001219016 avr. 200216 janv. 2003General Instrument CorporationIP data encapsulation and insertion in a transport multiplexer
US200300147679 juil. 200116 janv. 2003Sirius Satellite RadioSystem and method for creating and receiving personalized broadcasts
US2003001666423 juil. 200123 janv. 2003Melampy Patrick J.System and method for providing rapid rerouting of real-time multi-media flows
US2003001891218 juil. 200123 janv. 2003Boyle Steven C.Null-packet transmission from inside a firewall to open a communication window for an outside transmitter
US2003004670828 août 20016 mars 2003Jutzi Curtis E.Error correction for regional and dynamic factors in communications
US2003009332713 nov. 200115 mai 2003Bellsouth Intellectual Property CorporationSystems and methods for processing an electronic request to purchase goods or services
US200301060645 déc. 20015 juin 2003Plourde Harold J.Application management and interface for cluster control of time shift buffer
US2003011051111 déc. 200112 juin 2003Schutte Mark E.Controlling personal video recording functions from interactive television
US2003011191117 déc. 200119 juin 2003Shi-Fa HsuPower control circuit with power-off time delay control for microprocessor-based system
US2003013560511 janv. 200217 juil. 2003Ramesh PendakurUser rating feedback loop to modify virtual channel content and/or schedules
US2003014010722 juin 200124 juil. 2003Babak RezvaniSystems and methods for virtually representing devices at remote sites
US2003015447511 févr. 200214 août 2003Rodriguez Arturo A.Management of television advertising
US2003015449213 févr. 200214 août 2003General Instrument CorporationCorrelation of tuned channel information with internet web addresses
US2003016382126 févr. 200228 août 2003Knutson Paul GothardSatellite television system ground station having wideband multi-channel LNB converter/transmitter architecture with controlled uplink transmission
US2004012248923 déc. 200224 juin 2004Cardiac Pacemakers, Inc.Implantable medical device having long-term wireless capabilities
US200600590247 nov. 200316 mars 2006Flytecomm, Inc.Advanced travel management system
EP0993183A28 oct. 199912 avr. 2000Matsushita Electric Industrial Co., Ltd.Method for updating software in a digital television receiver using recorded data
Citations hors brevets
Référence
1"Bridging DVB And IP Networks With Optibase's MGW 3100", Available from http://www.optibase.com.cn/html/solutions/white_papers/Bridging_DVB_and_IP.html on Jul. 11, 2002, (Jul. 11, 2002), 7 pages.
2"MPEG-2 Transport Stream Description", Rev. 2.29.00, Compiled by Ron Wallace, (Feb. 29, 2000), 35 pages.
3"Optibase MGW 3100 Brochure (2001)", (2001).
4Notification of Transmittalof the International Search Report and the Written Opinion of the international Searching Authority, Or the Declaration, (Jun. 23, 2006).
5Unknown, "Network cpontrol brochure", Wegenar communications compel, (Feb. 28, 2002).
6Unknown, "Wegner Compel Control; The Advanced network control system user manual", Wegener communications, (May 2001).
Classifications
Classification aux États-Unis380/262, 380/44, 380/46
Classification internationaleH04L9/00, H04L9/12, H04L9/18, H04H40/90, H04N7/167
Classification coopérativeH04L2209/12, H04L2209/601, H04L9/0662, H04H40/90, H04N21/63345, H04N21/26606, H04N21/6143, H04L9/12, H04N7/1675, H04H60/23, H04N21/454, H04N21/26613
Classification européenneH04N7/167D, H04L9/12, H04L9/18, H04N21/61D6, H04N21/266K, H04N21/454, H04N21/266E, H04N21/6334K, H04H60/23
Événements juridiques
DateCodeÉvénementDescription
24 janv. 2011ASAssignment
Owner name: EPAX CONSULTING LIMITED LIABILITY COMPANY, DELAWAR
Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:WEGENER COMMUNICATIONS, INC.;REEL/FRAME:025685/0292
Effective date: 20080703
Owner name: WEGENER COMMUNICATIONS, INC., GEORGIA
Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:OLIVIER, STEVE;PELKEY, GARY L.;PLACEK, DAVID M.;AND OTHERS;REEL/FRAME:025685/0054
Effective date: 20030812
24 sept. 2014FPAYFee payment
Year of fee payment: 8
13 janv. 2016ASAssignment
Owner name: NYTELL SOFTWARE LLC, DELAWARE
Free format text: MERGER;ASSIGNOR:EPAX CONSULTING LIMITED LIABILITY COMPANY;REEL/FRAME:037475/0533
Effective date: 20150826