WO2004019547A1 - Fast synchronization in smart cards - Google Patents

Fast synchronization in smart cards Download PDF

Info

Publication number
WO2004019547A1
WO2004019547A1 PCT/US2003/025905 US0325905W WO2004019547A1 WO 2004019547 A1 WO2004019547 A1 WO 2004019547A1 US 0325905 W US0325905 W US 0325905W WO 2004019547 A1 WO2004019547 A1 WO 2004019547A1
Authority
WO
WIPO (PCT)
Prior art keywords
packet
information
byte
synchronization
bytes
Prior art date
Application number
PCT/US2003/025905
Other languages
French (fr)
Inventor
Mark Alan Schultz
Dinakaran Chidambaram
Original Assignee
Thomson Licensing S.A.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Thomson Licensing S.A. filed Critical Thomson Licensing S.A.
Priority to AU2003263909A priority Critical patent/AU2003263909A1/en
Priority to BR0306136-1A priority patent/BR0306136A/en
Publication of WO2004019547A1 publication Critical patent/WO2004019547A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L7/00Arrangements for synchronising receiver with transmitter
    • H04L7/04Speed or phase control by synchronisation signals
    • H04L7/08Speed or phase control by synchronisation signals the synchronisation signals recurring cyclically
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L7/00Arrangements for synchronising receiver with transmitter
    • H04L7/04Speed or phase control by synchronisation signals
    • H04L7/041Speed or phase control by synchronisation signals using special codes as synchronising signal

Definitions

  • This invention relates to smart cards, and more particularly to rapid synchronization to synchronization bytes of multi-byte information packets.
  • the necessary decryption keys accompany the video stream, and can be extracted therefrom. These decryption keys are transmitted relatively infrequently, say every half-second or so. Thus, under least-optimum timing conditions, decryption might not start for one-half second after the key became available to the smart card. The key may be changed at the source every few seconds for improved security. There may be different keys for various different ones of the available video streams, andor for different ones of the smart- card/delivery-device pairs. [0006] In order to obtain the decryption key from the delivered encrypted information stream, the smart card must correctly decode the set of bytes containing the key information from among the bytes of each packet of information.
  • a serial bit stream of MPEG transport stream video might be made up of successive packets of information, where each packet of information consists of 188 bytes, each of 8 bits. Within each 188-byte packet, the first 8-bit byte is a synchronization byte having a value of forty-seven (47).
  • PLD packet identification
  • These packet identification bytes carry information relating to the type of information in the packet, the type of coding, error detection and correction (ED AC) and the like. Since each packet contains 188 bytes, there are 187 bytes between successive synchronization bytes, and 183 bytes between the end of the packet identification bytes and the next following synchronization byte.
  • FIGURE 1 is a simplified block diagram of a portion of a smart card 10 including a decryption block, a key extraction block, and a prior art synchronizing arrangement.
  • encrypted serial information is applied by way of an input port 12 to a port 14i of a prior-art synchronizer 14.
  • the encrypted serial information is in the form of packets of 188 bytes, where each byte is of eight bits. Within each packet, the first byte is a synchronization byte, which has a particular value. In the case of a MPEG transport stream, the particular value of the synchronization byte is forty-seven (47).
  • Synchronizer 14 of FIGURE 1 generates a byte clock on an output signal path 16, which is used to clock a serial-to-parallel converter illustrated as a block 20.
  • Encrypted serial information delayed relative to the encrypted serial information applied to input port 12, is produced on an output signal path 18 of synchronizer 14, and is applied to serial-to-parallel converter 20.
  • Serial-to-parallel converter 20 produces on a signal path 24 a stream of eight-parallel-bit bytes in response to the byte clock.
  • a packet synchronization or reset signal generated on an output path 22 of synchronizer 14 is used for a timing reference in a triple DES decryption engine.
  • the NRSS system delay through the smart card is a constant clock delay even though there may be gaps between the 188-byte packets.
  • the reset or sync signal of the next packet helps to establish if a gap exists or no gap is found between packets, which adjusts the processing for terminating the present or current packet and the beginning of processing of the incoming packet.
  • the encrypted stream of parallel-bit bytes produced by serial-to-parallel converter 20 of FIGURE 1 is applied to a key extraction arrangement illustrated as a block 30.
  • the key information is transmitted in a number of bytes found in the serial bit stream entering port 12 of smart card 10, on an infrequent basis, such as every half- second.
  • Block 30 monitors the parallel-bit byte stream and, when key information is available, extracts the key, and processes it, if necessary, as by decrypting, and applies the resulting decrypted key to a memory or register illustrated as a block 28.
  • a decryptor illustrated as a block 26, receives the encrypted parallel-bit bytes from converter 20, and decrypts the information using the key which is available in register 28.
  • FIGURE 2 is a simplified block diagram of a prior-art synchronizer which may be used in block 14 of FIGURE 1.
  • the encrypted serial information is applied by way of input port 14i of synchronizer 14 to the input port 210i of an eight-bit delay line or register 210.
  • Delay line 210 makes each of the stored eight bits available on a set 212 of output lines 212a, 212b, . . . 212g, 212h.
  • the eight-bit-period delayed encrypted serial information is output from block 210 at an output port 210o, and is applied by way of signal path 18 to serial-to-parallel converter 20.
  • an AND gate 214 includes eight input ports 1, 2, . . ., 7, 8, each of which is connected to one of the eight bit lines of set 212. More particularly, input ports 1 and 2 of AND gate 214 are connected to bit lines 212g and 212h, respectively, and input ports 7 and 8 of AND gate 214 are connected to bit lines 212a and 212b, respectively.
  • AND gate 214 includes a further input port designated EN9. This further input port is used as an enable (EN) input port, enabling the remaining input ports in response to a selected logic level applied over a bit line 216, and disabling the gate in response to the other logic level. In one version, positive logic is used, and the enabling logic level is logic high.
  • AND gate 214 of FIGURE 2 monitors/detects the value of the bits traversing 8-bit delay line 210.
  • AND gate 214 is configured to, when enabled, respond to the value of a synchronizing byte, which in one version has a bit value of forty-seven (47).
  • AND gate 214 responds by producing a packet synchronizing (sync) or reset signal on signal path 22.
  • the sync signal on signal path 22 is applied to a three (3)-bit counter illustrated as a block 218, which resets to zero (or to full count, as desired) and then counts eight clock cycles.
  • a byte corresponds to eight bits or clock cycles
  • the full count of counter 218 occurs once per byte, and may be considered to be a byte clock.
  • the byte clock signal produced by counter 218 is applied by way of path 16 to serial-to-parallel converter 20, to aid in producing the parallel-bit bytes.
  • converter 20 accepts eight bits, and produces one byte every eight bit clock cycles.
  • the sync signal or reset pulse produced on path 22 by AND gate 214 of FIGURE 2 is also applied to a reset input port 228r of a counter 228, together with the byte clock from counter 218.
  • Counter 228 counts a number of bytes corresponding to the number of bytes between successive packet synchronizing pulses. More particularly, in an exemplary arrangement in which there are 188 bytes in each packet, one of which is the synchronization byte, there are 187 byte intervals between two successive synchronization bytes. At full count, counter 228 generates a logic high or logic 1 at its output port 228o, which is applied to the enable input port EN9 of AND gate 214, to thereby enable AND gate 214 to detect the next synchronization byte.
  • output port 228o of counter 228 produces a logic low or 0 signal, which disables AND gate 214. Disabling the AND gate for all periods other than the expected arrival time of the synchronization byte tends to reduce the incidence of response of AND gate 214 to occasional byte values of 47, which may occur during operation.
  • a method of processing a digital data stream containing packets of information, where each packet includes a synchronization portion defining a value, and a packet identification portion comprises receiving packets of the data stream containing the synchronization portion and the packet identification portion and periodically enabling a detector for detecting the value in a portion of a packet of the data stream.
  • a synchronization signal is generated in response to the detection for synchronizing processing of the packets.
  • a subsequent portion of the packet is compared with stored information intended to correspond to the packet identification portion, to determine whether the synchronization signal resulted from detection of the synchronization portion associated with the packet. If the comparison fails to reveal a match, the detector is re- enabled for further detection of the value.
  • an apparatus for processing a digital data stream containing packets of information where each packet includes a synchronization portion defining a value, and a packet identification portion.
  • the apparatus is operable for receiving packets of the data stream containing the synchronization portion and the packet identification portion.
  • a detector having a controllable input is responsive to the value in the data stream for producing a synchronization signal, whereby the detector produces a synchronization signal in response to the synchronization portion of a packet in the data stream and also in response to an information item having the value.
  • a counter responsive to the synchronization signal, counts a predetermined number of bytes associated with the received packets of the data stream, and produces an enable signal for controlling the controllable input of the detector for enabling detection at a time corresponding to the predetermined number of bytes after the synchronization signal, thereby enabling the detector to respond to a further synchronization portion associated with a packet in the data stream, and whereby, if the detector responds to an information item rather than to a synchronization portion, at least the predetermined number of byte periods must pass before resynchromzation can begin.
  • a comparator responsive to the synchronization signal is operable for matching a subsequent portion of the packet data stream following the detected value, with stored information intended to correspond to the packet identification portion, and, in the absence of a match, generating and applying an input enable signal to the controllable input, thereby enabling the detector to further search for and detect a received the value prior to the expiry of a period of the predetermined number of bytes.
  • a smart card is for decrypting encrypted N-byte information packets, where the information packets include a synchronization byte defining a value, a first plurality of packet identification bytes following the synchronization byte, and, from time to time, a decryption key.
  • the card comprises a key-controlled decryption arrangement coupled to receive the encrypted N-byte information packets, for decrypting the information to produce decrypted information, and a delay device for delaying the information for the number of bits in a byte of the information, and for providing simultaneous access to each of the bits in the information so delayed.
  • a controllable gate is coupled to the delay device, for responding to the value with (or by generating) a synchronization signal or reset pulse, whereby the gate produces a synchronization signal in response to the synchronization byte and also in response to an information byte having the value.
  • a key extraction arrangement is coupled to receive the information, for, when synchronized to the packets by the synchronization signal, extracting the key, thereby allowing the decryption arrangement to decrypt the information.
  • the smart card also includes a byte clock generator; and a serial-to-parallel converter coupled to an output port of the delay device and to the byte clock generator, for converting the information output from the delay device from serial- bit to byte form at the rate of the byte clock.
  • a byte counter is coupled to receive the synchronization signal, for counting N-l bytes, and for producing an enable signal for controlling the controllable gate at a time N-l bytes after the synchronization signal, thereby enabling the controllable gate to respond to a further synchronization byte, whereby, if the controllable gate responds to an information byte rather than to a synchronization byte, at least N-l byte periods must pass before resynchronization can begin.
  • An identification packet comparator is coupled to the serial-to-parallel converter, for matching with stored information at least one of the first plurality of packet identification bytes following the synchronization signal generated by the controllable gate, and, in the absence of a match, for generating and applying a gate enable signal to the controllable gate, thereby enabling the controllable gate to search for the value prior to the expiry of a period of N-l bytes.
  • the encrypted serial information comprises MPEG serial transfer format video with 188-byte packets, 8 bits per byte, and starting with a synchronization byte having a value of 47.
  • FIGURE 1 is a simplified diagram of a decryptor for encrypted serial information in the form of successive packets
  • FIGURE 2 is a simplified block diagram of a prior art synchronizing portion of the arrangement of FIGURE 1;
  • FIGURE 3 is a simplified block diagram of a synchronizing portion of the arrangement of FIGURE 1 according to an aspect of the invention.
  • FIGURE 3 differs from FIGURE 2 in having an OR gate 310 connected in signal path 216 between output port 228o of counter 228 and the enable input port EN9 of AND gate 214. More particularly, port 228o of counter 228 is connected to an input port 310 ⁇ of OR gate 310, and the output port 31 Oo of OR gate 310 is connected to port EN9 of AND gate 214.
  • OR gate 310 has no effect on the enabling and disabling of AND gate 214 by counter 228, so that when counter 228 reaches a full count of 187 byte intervals, it produces an enable signal which enables AND gate 214 for the next following byte, and maintains AND gate 214 disabled otherwise.
  • OR gate 310 of FIGURE 3 has its second input port 310 2 connected to the output port 312o of an AND gate 312.
  • AND gate 312 effectively provides a second input port, designated 3121! by which AND gate 214 can be enabled. More particularly, if the output port 312o of AND gate 312 is logic high, that logic high level will be coupled through OR gate 310 to the enable input port EN9 of AND gate 214 regardless of the state of output port 228o of counter 228.
  • a block illustrated as 314 in FIGURE 3 stores the bit patterns of the packet identification (PID) bytes which are of interest to the smart card 10 of FIGURE 1, and makes the patterns available to a comparator arrangement illustrated as a block 316.
  • the PID bytes immediately follow the sync byte.
  • Comparator 316 is enabled for comparison of the stream of data bytes arriving by way of path 24 with at least one, and preferably a set of two or more, of the PID bytes within the data stream.
  • Comparator 316 is enabled by a enable (EN) signal applied from the output port 320o of a window generator 320.
  • Window generator 320 responds to at least the second count of the counter 228 following the sync or reset signal, and preferably to the second, third, fourth, and fifth counts, to enable comparison block 316 during the first, or preferably the first through fourth counter-228 counts following the sync bit which resets counter 228.
  • comparison block 316 compares the stream of parallel-bit bytes applied from path 24 with the PID byte(s). If a match is found, the output port 316o of comparator 316 remains at an inactive (logic low) level. With port 316o at an inactive level, AND gate 312 is disabled, and the logic level at its output port remains at an inactive logic level.
  • the PID comparison arrangement including memory 314, comparator 316, and gates 310 and 312 has no effect on the prior-art portion of the synchronizer, namely the FIGURE 2 synchronizer.
  • output port 316o of comparator 316 produces an active logic state, such as a logic high level.
  • the active logic state propagates through AND gate 312 if the gate is enabled by having its ON/OFF input port (and therefore its input port 312i 2 ) at an active logic state.
  • comparison block 316 in the absence of a match between the stored PID bytes and the current data bytes propagates through AND gate 312 if enabled, and also propagates through OR gate 310 to the enable input port EN9 of AND gate 214, thereby enabling AND gate 214 to continue searching for/detecting a synchronization byte.
  • comparison block 316 fails to match any one of the PID bytes, synchronization is deemed to not be achieved, and gate 214 is re-enabled to search for another sync byte.
  • the window generator 320 may enable comparison block 316 during a single byte interval or plural byte intervals, and the enabled intervals may immediately follow the sync byte(s) or be separated therefrom, and may even enable the comparison block during plural subintervals in each packet interval, as desired.
  • the synchronization signal within the information stream may be a single byte having a value or may include further bytes.
  • the number of PID bytes may be of any desired value, as can the number of bytes in a packet. Accordingly, various modifications and changes can be made without departing from the spirit of the invention. All such modifications and changes are considered to be within the scope of the appended claims

Abstract

A method of processing a digital data stream containing packets of information, where each packet includes a synchronization portion defining a value, and a packet identification portion. The method comprises receiving packets of the data stream containing the synchronization portion and the packet identification portion and periodically enabling a detector for detecting the value in a portion of a packet of the data stream. A synchronization signal is generated in response to the detection for synchronizing processing of the packets. In response to the synchronization signal, a subsequent portion of the packet is compared with stored information intended to correspond to the packet identification portion, to determine whether the synchronization signal resulted from detection of the synchronization portion associated with the packet. If the comparison fails to reveal a match, the detector is re-enabled for further detection of the value.

Description

FAST SYNCHRONIZATION IN SMART CARDS
Cross-Reference to Related Applications [0001] This application claims the benefit of the priority of U.S. Provisional Application 60/405,203 filed August 22, 2002 in the name of Schultz et al.
[0002] This application is related to commonly assigned patent application entitled "Smart Card With NRSS Delay Line For Data Alignment" filed on August 15, 2003 in the name of Schultz et al. (Docket Number PU020388).
Field of the Invention
[0003] This invention relates to smart cards, and more particularly to rapid synchronization to synchronization bytes of multi-byte information packets.
Background of the Invention [0004] Delivery of various forms of information and entertainment is often conditional, in that the information or entertainment is available only if the recipient pays the owner of the information, or is otherwise an authorized recipient. Smart cards can be used to provide the authorization necessary for such conditional delivery. In general, custody of the smart card represents the authorization required to interface with a delivery system. [0005] In the context of delivery of serial video using an MPEG standard transport stream, the video as delivered from a source may be encrypted, and the smart card performs the decryption needed to convert the video to usable form. The decryption is performed by a decryption device or circuit located on the smart card. In order for decryption to take place, the decryptor on the smart card requires a proper key. The necessary decryption keys accompany the video stream, and can be extracted therefrom. These decryption keys are transmitted relatively infrequently, say every half-second or so. Thus, under least-optimum timing conditions, decryption might not start for one-half second after the key became available to the smart card. The key may be changed at the source every few seconds for improved security. There may be different keys for various different ones of the available video streams, andor for different ones of the smart- card/delivery-device pairs. [0006] In order to obtain the decryption key from the delivered encrypted information stream, the smart card must correctly decode the set of bytes containing the key information from among the bytes of each packet of information. As an example, a serial bit stream of MPEG transport stream video might be made up of successive packets of information, where each packet of information consists of 188 bytes, each of 8 bits. Within each 188-byte packet, the first 8-bit byte is a synchronization byte having a value of forty-seven (47). Four packet identification (PLD) bytes immediately follow the packet synchronization byte. These packet identification bytes carry information relating to the type of information in the packet, the type of coding, error detection and correction (ED AC) and the like. Since each packet contains 188 bytes, there are 187 bytes between successive synchronization bytes, and 183 bytes between the end of the packet identification bytes and the next following synchronization byte. These 183 bytes are used for transport of the information, which in the example is video information. [0007] FIGURE 1 is a simplified block diagram of a portion of a smart card 10 including a decryption block, a key extraction block, and a prior art synchronizing arrangement. In FIGURE 1, encrypted serial information is applied by way of an input port 12 to a port 14i of a prior-art synchronizer 14. The encrypted serial information is in the form of packets of 188 bytes, where each byte is of eight bits. Within each packet, the first byte is a synchronization byte, which has a particular value. In the case of a MPEG transport stream, the particular value of the synchronization byte is forty-seven (47). In this transport stream, four packet identification (PID) bytes immediately follow the synchronization byte. [0008] Synchronizer 14 of FIGURE 1 generates a byte clock on an output signal path 16, which is used to clock a serial-to-parallel converter illustrated as a block 20. Encrypted serial information, delayed relative to the encrypted serial information applied to input port 12, is produced on an output signal path 18 of synchronizer 14, and is applied to serial-to-parallel converter 20. Serial-to-parallel converter 20 produces on a signal path 24 a stream of eight-parallel-bit bytes in response to the byte clock. A packet synchronization or reset signal generated on an output path 22 of synchronizer 14 is used for a timing reference in a triple DES decryption engine. The NRSS system delay through the smart card is a constant clock delay even though there may be gaps between the 188-byte packets. When decryption is active, the reset or sync signal of the next packet helps to establish if a gap exists or no gap is found between packets, which adjusts the processing for terminating the present or current packet and the beginning of processing of the incoming packet.
[0009] The encrypted stream of parallel-bit bytes produced by serial-to-parallel converter 20 of FIGURE 1 is applied to a key extraction arrangement illustrated as a block 30. The key information is transmitted in a number of bytes found in the serial bit stream entering port 12 of smart card 10, on an infrequent basis, such as every half- second. Block 30 monitors the parallel-bit byte stream and, when key information is available, extracts the key, and processes it, if necessary, as by decrypting, and applies the resulting decrypted key to a memory or register illustrated as a block 28. In operation, a decryptor, illustrated as a block 26, receives the encrypted parallel-bit bytes from converter 20, and decrypts the information using the key which is available in register 28. Decryptor block 26 produces decrypted video information on a signal path 32. In order to maintain security of the decrypted video, the video may again be encrypted in a block illustrated as 34 with an encryption code which a utilization or display apparatus can decode. The re-encrypted video is produced at a smart card output port or path 36. [0010] FIGURE 2 is a simplified block diagram of a prior-art synchronizer which may be used in block 14 of FIGURE 1. In FIGURE 2, the encrypted serial information is applied by way of input port 14i of synchronizer 14 to the input port 210i of an eight-bit delay line or register 210. Delay line 210 makes each of the stored eight bits available on a set 212 of output lines 212a, 212b, . . . 212g, 212h. The eight-bit-period delayed encrypted serial information is output from block 210 at an output port 210o, and is applied by way of signal path 18 to serial-to-parallel converter 20.
[0011] Also in FIGURE 2, an AND gate 214 includes eight input ports 1, 2, . . ., 7, 8, each of which is connected to one of the eight bit lines of set 212. More particularly, input ports 1 and 2 of AND gate 214 are connected to bit lines 212g and 212h, respectively, and input ports 7 and 8 of AND gate 214 are connected to bit lines 212a and 212b, respectively. AND gate 214 includes a further input port designated EN9. This further input port is used as an enable (EN) input port, enabling the remaining input ports in response to a selected logic level applied over a bit line 216, and disabling the gate in response to the other logic level. In one version, positive logic is used, and the enabling logic level is logic high.
[0012] During operation, AND gate 214 of FIGURE 2 monitors/detects the value of the bits traversing 8-bit delay line 210. AND gate 214 is configured to, when enabled, respond to the value of a synchronizing byte, which in one version has a bit value of forty-seven (47). Thus, when the total value of the bits traversing delay line 210 equals 47 and AND gate 214 is enabled, AND gate 214 responds by producing a packet synchronizing (sync) or reset signal on signal path 22. The sync signal on signal path 22 is applied to a three (3)-bit counter illustrated as a block 218, which resets to zero (or to full count, as desired) and then counts eight clock cycles. Since a byte corresponds to eight bits or clock cycles, the full count of counter 218 occurs once per byte, and may be considered to be a byte clock. The byte clock signal produced by counter 218 is applied by way of path 16 to serial-to-parallel converter 20, to aid in producing the parallel-bit bytes. Thus, converter 20 accepts eight bits, and produces one byte every eight bit clock cycles.
[0013] The sync signal or reset pulse produced on path 22 by AND gate 214 of FIGURE 2 is also applied to a reset input port 228r of a counter 228, together with the byte clock from counter 218. Counter 228 counts a number of bytes corresponding to the number of bytes between successive packet synchronizing pulses. More particularly, in an exemplary arrangement in which there are 188 bytes in each packet, one of which is the synchronization byte, there are 187 byte intervals between two successive synchronization bytes. At full count, counter 228 generates a logic high or logic 1 at its output port 228o, which is applied to the enable input port EN9 of AND gate 214, to thereby enable AND gate 214 to detect the next synchronization byte. In the same manner, during counts other than a full count, output port 228o of counter 228 produces a logic low or 0 signal, which disables AND gate 214. Disabling the AND gate for all periods other than the expected arrival time of the synchronization byte tends to reduce the incidence of response of AND gate 214 to occasional byte values of 47, which may occur during operation.
[0014] The operation of the arrangement of FIGURE 2 makes it clear that, so long as the initial response of AND gate 214 is to a true synchronization byte, the synchronization system 14 is unlikely to respond to synchronization-level bytes which occur during the video portions of the signal, since the AND gate is disabled during the video portions of the signal. However, the first detection of a synchronization- value byte may occur in response to a video-content portion of the signal, rather than in response to a synchronization byte. In this event, the reset pulse will occur during the video interval, and the synchronization block 14 will not become aware of this error until the 187-byte- interval counter 228 reaches its full count. In such a situation, the reaching of a full count of counter 228 enables AND gate 214 during the video-content portion of the signal. In general, the video content at that location will no longer have the synchronization byte value, which is 47 in the example. In this event, synchronization has not been achieved, and a period of about one packet duration has already expired. [0015] Considering that the decrypting key must be obtained and processed before decryption of the video content can be started, and packet synchronization must be achieved before that or those of the bytes containing the decrypting key can be identified, and further considering that the encrypting key byte is available only intermittently, rapid synchronization is desirable to provide timely response of the smart card to a user's request.
Summary of the Invention [0016] According to an aspect of the invention, a method of processing a digital data stream containing packets of information, where each packet includes a synchronization portion defining a value, and a packet identification portion. The method comprises receiving packets of the data stream containing the synchronization portion and the packet identification portion and periodically enabling a detector for detecting the value in a portion of a packet of the data stream. A synchronization signal is generated in response to the detection for synchronizing processing of the packets. In response to the synchronization signal, a subsequent portion of the packet is compared with stored information intended to correspond to the packet identification portion, to determine whether the synchronization signal resulted from detection of the synchronization portion associated with the packet. If the comparison fails to reveal a match, the detector is re- enabled for further detection of the value.
[0017] According to another aspect of the invention, an apparatus for processing a digital data stream containing packets of information, where each packet includes a synchronization portion defining a value, and a packet identification portion. The apparatus is operable for receiving packets of the data stream containing the synchronization portion and the packet identification portion. A detector having a controllable input is responsive to the value in the data stream for producing a synchronization signal, whereby the detector produces a synchronization signal in response to the synchronization portion of a packet in the data stream and also in response to an information item having the value. A counter responsive to the synchronization signal, counts a predetermined number of bytes associated with the received packets of the data stream, and produces an enable signal for controlling the controllable input of the detector for enabling detection at a time corresponding to the predetermined number of bytes after the synchronization signal, thereby enabling the detector to respond to a further synchronization portion associated with a packet in the data stream, and whereby, if the detector responds to an information item rather than to a synchronization portion, at least the predetermined number of byte periods must pass before resynchromzation can begin. A comparator responsive to the synchronization signal is operable for matching a subsequent portion of the packet data stream following the detected value, with stored information intended to correspond to the packet identification portion, and, in the absence of a match, generating and applying an input enable signal to the controllable input, thereby enabling the detector to further search for and detect a received the value prior to the expiry of a period of the predetermined number of bytes.
[0018] A smart card according to an aspect of the invention is for decrypting encrypted N-byte information packets, where the information packets include a synchronization byte defining a value, a first plurality of packet identification bytes following the synchronization byte, and, from time to time, a decryption key. The card comprises a key-controlled decryption arrangement coupled to receive the encrypted N-byte information packets, for decrypting the information to produce decrypted information, and a delay device for delaying the information for the number of bits in a byte of the information, and for providing simultaneous access to each of the bits in the information so delayed. A controllable gate is coupled to the delay device, for responding to the value with (or by generating) a synchronization signal or reset pulse, whereby the gate produces a synchronization signal in response to the synchronization byte and also in response to an information byte having the value. A key extraction arrangement is coupled to receive the information, for, when synchronized to the packets by the synchronization signal, extracting the key, thereby allowing the decryption arrangement to decrypt the information. The smart card also includes a byte clock generator; and a serial-to-parallel converter coupled to an output port of the delay device and to the byte clock generator, for converting the information output from the delay device from serial- bit to byte form at the rate of the byte clock. A byte counter is coupled to receive the synchronization signal, for counting N-l bytes, and for producing an enable signal for controlling the controllable gate at a time N-l bytes after the synchronization signal, thereby enabling the controllable gate to respond to a further synchronization byte, whereby, if the controllable gate responds to an information byte rather than to a synchronization byte, at least N-l byte periods must pass before resynchronization can begin. An identification packet comparator is coupled to the serial-to-parallel converter, for matching with stored information at least one of the first plurality of packet identification bytes following the synchronization signal generated by the controllable gate, and, in the absence of a match, for generating and applying a gate enable signal to the controllable gate, thereby enabling the controllable gate to search for the value prior to the expiry of a period of N-l bytes. [0019] In one embodiment of the invention, the encrypted serial information comprises MPEG serial transfer format video with 188-byte packets, 8 bits per byte, and starting with a synchronization byte having a value of 47. In this embodiment, there are four packet identification bytes which immediately follow the synchronization byte.
Brief Description of the Drawing [0020] FIGURE 1 is a simplified diagram of a decryptor for encrypted serial information in the form of successive packets; [0021] FIGURE 2 is a simplified block diagram of a prior art synchronizing portion of the arrangement of FIGURE 1; and
[0022] FIGURE 3 is a simplified block diagram of a synchronizing portion of the arrangement of FIGURE 1 according to an aspect of the invention.
Description of the Invention
[0023] In FIGURE 3, elements corresponding to those of FIGURE 2 are designated by like reference alphanumerics. FIGURE 3 differs from FIGURE 2 in having an OR gate 310 connected in signal path 216 between output port 228o of counter 228 and the enable input port EN9 of AND gate 214. More particularly, port 228o of counter 228 is connected to an input port 310 \ of OR gate 310, and the output port 31 Oo of OR gate 310 is connected to port EN9 of AND gate 214. OR gate 310 has no effect on the enabling and disabling of AND gate 214 by counter 228, so that when counter 228 reaches a full count of 187 byte intervals, it produces an enable signal which enables AND gate 214 for the next following byte, and maintains AND gate 214 disabled otherwise. [0024] OR gate 310 of FIGURE 3 has its second input port 3102 connected to the output port 312o of an AND gate 312. AND gate 312 effectively provides a second input port, designated 3121! by which AND gate 214 can be enabled. More particularly, if the output port 312o of AND gate 312 is logic high, that logic high level will be coupled through OR gate 310 to the enable input port EN9 of AND gate 214 regardless of the state of output port 228o of counter 228. A block illustrated as 314 in FIGURE 3 stores the bit patterns of the packet identification (PID) bytes which are of interest to the smart card 10 of FIGURE 1, and makes the patterns available to a comparator arrangement illustrated as a block 316. As mentioned, in an embodiment of the invention involving MPEG video, the PID bytes immediately follow the sync byte. Comparator 316 is enabled for comparison of the stream of data bytes arriving by way of path 24 with at least one, and preferably a set of two or more, of the PID bytes within the data stream. Comparator 316 is enabled by a enable (EN) signal applied from the output port 320o of a window generator 320. Window generator 320 responds to at least the second count of the counter 228 following the sync or reset signal, and preferably to the second, third, fourth, and fifth counts, to enable comparison block 316 during the first, or preferably the first through fourth counter-228 counts following the sync bit which resets counter 228. During the window interval, comparison block 316 compares the stream of parallel-bit bytes applied from path 24 with the PID byte(s). If a match is found, the output port 316o of comparator 316 remains at an inactive (logic low) level. With port 316o at an inactive level, AND gate 312 is disabled, and the logic level at its output port remains at an inactive logic level. Thus, in the presence of a match between the stored PID bytes and the current data bytes, the PID comparison arrangement including memory 314, comparator 316, and gates 310 and 312 has no effect on the prior-art portion of the synchronizer, namely the FIGURE 2 synchronizer. In the event of a lack of a match between the stored PID bytes and the current data bytes, output port 316o of comparator 316 produces an active logic state, such as a logic high level. The active logic state propagates through AND gate 312 if the gate is enabled by having its ON/OFF input port (and therefore its input port 312i2 ) at an active logic state. The active logic level produced by comparison block 316 in the absence of a match between the stored PID bytes and the current data bytes propagates through AND gate 312 if enabled, and also propagates through OR gate 310 to the enable input port EN9 of AND gate 214, thereby enabling AND gate 214 to continue searching for/detecting a synchronization byte. Thus, if comparison block 316 fails to match any one of the PID bytes, synchronization is deemed to not be achieved, and gate 214 is re-enabled to search for another sync byte. [0025] Other embodiments of the invention will be apparent to those skilled in the art. For example, the window generator 320 may enable comparison block 316 during a single byte interval or plural byte intervals, and the enabled intervals may immediately follow the sync byte(s) or be separated therefrom, and may even enable the comparison block during plural subintervals in each packet interval, as desired. The synchronization signal within the information stream may be a single byte having a value or may include further bytes. The number of PID bytes may be of any desired value, as can the number of bytes in a packet. Accordingly, various modifications and changes can be made without departing from the spirit of the invention. All such modifications and changes are considered to be within the scope of the appended claims

Claims

1. A method of processing a digital data stream containing packets of information, each packet including a synchronization portion defining a value, and a packet identification portion, said method comprising: receiving packets of said data stream containing said synchronization portion and said packet identification portion; periodically enabling a detector for detecting said value in a portion of a packet of said data stream, and generating a synchronization signal in response to said detection for synchronizing processing of said packets; and in response to said synchronization signal, comparing a subsequent portion of said packet with stored information intended to correspond to said packet identification portion, to determine whether said synchronization signal resulted from detection of said synchronization portion associated with said packet; and, if not, enabling said detector for further detection of said value.
2. The method of claim 1, wherein the step of periodically enabling said detector comprises enabling said detector according to a given bit count associated with said packet.
3. The method of claim 1 , wherein the step of comparing a subsequent portion of said packet with stored information comprises: comparing a predetermined number of bits in said packet immediately following said detected portion of said packet having said value, with said stored information.
4. The method of claim 3, wherein the comparing a predetermined number of bits in said packet immediately following said detected portion of said packet further comprises: determining if there is a match between at least one of the next four bytes in said packet following said detected portion of said packet having said value, and said stored information.
5. The method of claim 1, wherein, the step of periodically enabling said detector further comprises disabling said detector upon producing said synchronization signal, counting the next N-l bytes in said data stream in response to said produced synchronization signal, and enabling said detector after said N-l bytes.
6. The method of claim 4, wherein, when no match exists, said detector is enabled until a next detection of said value occurs.
7. Apparatus for processing a digital data stream containing packets of information, each packet including a synchronization portion defining a value, and a packet identification portion, said apparatus comprising: means for receiving packets of said data stream containing said synchronization portion and said packet identification portion; a detector having a controllable input and responsive to said value in said data stream for producing a synchronization signal, whereby said detector produces a synchronization signal in response to said synchronization portion of a packet in said data stream and also in response to an information item having said value; a counter responsive to said synchronization signal, for counting a predetermined number of bytes associated with said received packets of said data stream, and for producing an enable signal for controlling said controllable input of said detector for enabling detection at a time corresponding to said predetermined number of bytes after said synchronization signal, thereby enabling said detector to respond to a further synchronization portion associated with a packet in said data stream, and whereby, if said detector responds to an information item rather than to a synchronization portion, at least said predetermined number of byte periods must pass before resynchromzation can begin; and a comparator responsive to said synchronization signal for matching a subsequent portion of said packet data stream following said detected value, with stored information intended to correspond to said packet identification portion, and, in the absence of a match, generating and applying an input enable signal to said controllable input, thereby enabling said detector to further search for and detect a received said value prior to the expiry of a period of said predetermined number of bytes.
8. The apparatus of claim 7, wherein said digital data stream containing packets of information comprise N-byte information packets, and wherein said predetermined number of bytes comprise N-l bytes.
9. The apparatus of claim 8, wherein said information packets are encrypted, and wherein a key-controlled decryptor receives said encrypted N-byte information packets, for producing decrypted information.
10. The apparatus of claim 9, wherein a byte clock generator is responsive to said synchronization signal for resetting said clock, and a serial-to-parallel converter is coupled to said receiving means and to said byte clock generator, for converting said information in said data stream from serial bit to byte form at the rate of said byte clock.
11. The apparatus of claim 7, wherein said receiving means includes a delay device for delaying the number of bits in a byte of said information packets in said data stream.
12. The apparatus of claim 7, wherein said apparatus is disposed in a smart card.
13. A method of processing a digital data stream containing packets of information, said packets including a synchronization portion defining a value, and a packet identification portion, said method comprising: receiving packets of said data stream containing said synchronization portion and said packet identification portion; enabling a detector for detecting said value in a portion of said data stream and generating a synchronization signal for synchronizing processing of said data stream, said enabling occurring according to a given bit count associated with said data stream; and in response to a synchronization signal, comparing a portion of each packet with stored information intended to correspond to said packet identification portion, to determine whether said synchronization signal resulted from detection of said synchronization portion associated with said data stream; and if not, selectively enabling said detector for further detection of said value.
14. A smart card for decrypting encrypted N-byte information packets, where said information packets include a synchronization byte defining a value, a first plurality of packet identification bytes following said synchronization byte, and, from time to time, a decryption key, said card comprising: key-controlled decryption means coupled to receive said encrypted N-byte information packets, for decrypting said information to produce decrypted information; a delay device for delaying said information for the number of bits in a byte of said information, and for providing access to each of the bits in the information so delayed; a controllable gate coupled to said delay device, for responding to said value with a synchronization signal, whereby said gate produces a synchronization signal in response to said synchronization byte and also in response to an information byte having said value; key extraction means coupled to receive said information, for, when synchronized to said packets by said synchronization signal, extracting said key, thereby allowing said decryption means to decrypt said information; a byte clock generator; a serial-to-parallel converter coupled to an output port of said delay device and to said byte clock generator, for converting the information output from said delay device from serial bit to byte form at the rate of said byte clock; a byte counter coupled to receive said synchronization signal, for counting N-l bytes, and for producing an enable signal for controlling said controllable gate at a time N-l bytes after said synchronization signal, thereby enabling said controllable gate to respond to a further synchronization byte, whereby, if said controllable gate responds to an information byte rather than to a synchronization byte, at least N-l byte periods must pass before resynchromzation can begin; identification packet comparison means coupled to said serial-to-parallel converter, for matching with stored information at least one of said first plurality of packet identification bytes following said synchronization signal generated by said controllable gate, and, in the absence of a match, for generating and applying a gate enable signal to said controllable gate, thereby enabling said controllable gate to search for said value prior to the expiry of a period of N-l bytes.
15. The smart card of claim 14, wherein said identification packet comparison means further does not respond in the presence of a match between said stored information and said at least one of the next four bytes following said synchronization signal.
16. The smart card of claim 14, wherein said identification packet comparison means matches with stored information at least two of the next four bytes following said synchronization signal generated by said controllable gate, and, in the absence of a match, generates and applies a gate enable signal to said controllable gate.
17. The smart card of claim 14, wherein said number N of bytes in a packet is 188, and said number N-l is 187.
18. The smart card of claim 17, wherein the number of said first plurality of packet identification bytes in each packet is four.
19. The smart card of claim 18, wherein said four packet identification bytes immediately follow said synchronization signal generated by said controllable gate.
20. The smart card of claim 18, wherein said encrypted information is MPEG serial transport stream video.
21. The smart card of claim 20, wherein said information is video.
22. The smart card of claim 14, wherein said first plurality of packet identification bytes in each packet immediately follows said synchronization byte.
PCT/US2003/025905 2002-08-22 2003-08-19 Fast synchronization in smart cards WO2004019547A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
AU2003263909A AU2003263909A1 (en) 2002-08-22 2003-08-19 Fast synchronization in smart cards
BR0306136-1A BR0306136A (en) 2002-08-22 2003-08-19 Fast sync on smart cards

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US40520302P 2002-08-22 2002-08-22
US60/405,203 2002-08-22

Publications (1)

Publication Number Publication Date
WO2004019547A1 true WO2004019547A1 (en) 2004-03-04

Family

ID=31946823

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2003/025905 WO2004019547A1 (en) 2002-08-22 2003-08-19 Fast synchronization in smart cards

Country Status (3)

Country Link
AU (1) AU2003263909A1 (en)
BR (1) BR0306136A (en)
WO (1) WO2004019547A1 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4763339A (en) * 1984-03-15 1988-08-09 General Electric Company Digital word synchronizing arrangement
US5703887A (en) * 1994-12-23 1997-12-30 General Instrument Corporation Of Delaware Synchronization and error detection in a packetized data stream
US6118819A (en) * 1996-06-25 2000-09-12 Hyundai Electronics Ind Co., Ltd. MPEG-2 transport stream data detection device and method
US6154468A (en) * 1996-10-24 2000-11-28 Philips Electronics North America Corporation Fast sync-byte search scheme for packet framing

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4763339A (en) * 1984-03-15 1988-08-09 General Electric Company Digital word synchronizing arrangement
US5703887A (en) * 1994-12-23 1997-12-30 General Instrument Corporation Of Delaware Synchronization and error detection in a packetized data stream
US6118819A (en) * 1996-06-25 2000-09-12 Hyundai Electronics Ind Co., Ltd. MPEG-2 transport stream data detection device and method
US6154468A (en) * 1996-10-24 2000-11-28 Philips Electronics North America Corporation Fast sync-byte search scheme for packet framing

Also Published As

Publication number Publication date
BR0306136A (en) 2004-10-19
AU2003263909A1 (en) 2004-03-11

Similar Documents

Publication Publication Date Title
US6781601B2 (en) Transport processor
US5602920A (en) Combined DCAM and transport demultiplexer
US5828416A (en) System and method for interfacing a transport decoder to a elementary stream video decorder
US7508454B1 (en) Digital television conditional access methods and apparatus for simultaneously handling multiple television programs
AU701593B2 (en) Smart-card based access control system with improved security
JP4611967B2 (en) Method for cascading removable conditional access modules and a predetermined sequence insertion circuit and detection circuit for executing the method
EP1340368B1 (en) Digital television conditional access methods and apparatus for simultaneously handling multiple television programs
JP2001069106A (en) Stream multiplexing/demultiplexing device
JP2001218185A (en) Device and system for transferring data and program recording medium
EP0912057A2 (en) Digital broadcast receiver
US20090187937A1 (en) Device and method for controlling digital bidirectional communication
WO2011084340A1 (en) Selective switching between data sources
JP2008545307A (en) How to control access to encrypted data
AU5771586A (en) Restoring framing and synchronization in a secure communications system
US5675654A (en) System and method for interfacing a transport decoder to a national renewable security systems (NRSS) smart card
US20070297342A1 (en) Information processor with digital broadcast receiver
US7469420B2 (en) Key transport tamper protection
JP2001086481A (en) Packet separating device, digital signal transfer system, enciphering device, medium and information aggregate
US20020154636A1 (en) Searching for packet identifiers
WO2004019547A1 (en) Fast synchronization in smart cards
WO2004019614A1 (en) Smart card with nrss delay line for data alignment
US6516445B1 (en) System and method for detecting point-of-deployment (POD) module failure
EP1512076B1 (en) Key transport tamper protection
KR100655027B1 (en) Digital two-way communication control device and its method
JPH08331119A (en) Device and method for data transmission and device and method for data reception

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP

WWW Wipo information: withdrawn in national office

Country of ref document: JP