[go: up one dir, main page]

WO2006111949A2 - Programme de securite pour des dispositifs mobiles - Google Patents

Programme de securite pour des dispositifs mobiles Download PDF

Info

Publication number
WO2006111949A2
WO2006111949A2 PCT/IL2006/000070 IL2006000070W WO2006111949A2 WO 2006111949 A2 WO2006111949 A2 WO 2006111949A2 IL 2006000070 W IL2006000070 W IL 2006000070W WO 2006111949 A2 WO2006111949 A2 WO 2006111949A2
Authority
WO
WIPO (PCT)
Prior art keywords
cek
key
content
encrypted
broadcast
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/IL2006/000070
Other languages
English (en)
Other versions
WO2006111949A3 (fr
Inventor
Erez Waisbard
Arieh Moller
Hillel Solow
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Synamedia Ltd
Original Assignee
NDS Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by NDS Ltd filed Critical NDS Ltd
Publication of WO2006111949A2 publication Critical patent/WO2006111949A2/fr
Publication of WO2006111949A3 publication Critical patent/WO2006111949A3/fr
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04HBROADCAST COMMUNICATION
    • H04H20/00Arrangements for broadcast or for distribution combined with broadcast
    • H04H20/53Arrangements specially adapted for specific applications, e.g. for traffic information or for mobile receivers
    • H04H20/57Arrangements specially adapted for specific applications, e.g. for traffic information or for mobile receivers for mobile receivers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04HBROADCAST COMMUNICATION
    • H04H60/00Arrangements for broadcast applications with a direct linking to broadcast information or broadcast space-time; Broadcast-related systems
    • H04H60/09Arrangements for device control with a direct linkage to broadcast information or to broadcast space-time; Arrangements for control of broadcast-related services
    • H04H60/14Arrangements for conditional access to broadcast information or to broadcast-related services
    • H04H60/23Arrangements for conditional access to broadcast information or to broadcast-related services using cryptography, e.g. encryption, authentication, key distribution
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/088Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/80Generation or processing of content or additional data by content creator independently of the distribution process; Content per se
    • H04N21/81Monomedia components thereof
    • H04N21/8146Monomedia components thereof involving graphical data, e.g. 3D object, 2D graphics
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60Digital content management, e.g. content distribution
    • H04L2209/603Digital right managament [DRM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless

Definitions

  • the present invention relates to key distribution, and more particularly, key distribution for content on mobile devices.
  • audiovisual data is typically broadcast by satellite, by cable, or by other appropriate broadcast medium, to an integrated receiver / decoder (IRD), also known as a set top box (STB).
  • IRD integrated receiver / decoder
  • STBs further comprise storage devices and software drivers, enabling a user to digitally record content on the storage devices.
  • Such STBs are typically known as Personal Video Recorders (PVRs) or Digital Video Recorders (DVRs).
  • Broadcast of content is typically accompanied with the broadcast of control data, to ensure that only authorized viewers view content.
  • the viewer in order for a viewer to be able to view a service, the viewer needs to be authorized to view.
  • the viewer is enabled to decrypt encrypted packets comprising content broadcast on the service. For example, if a football game is to be broadcast on channel 101 at 11:00 AM Sunday January 1 , the viewer needs to be authorized to view channel 101 before 11:00 AM Sunday January 1 in order to view the game.
  • the viewer receives encrypted packets comprising the broadcast content of the game. Being authorized to view channel 101 , the viewer' s STB is able to decrypt the packets and display the game.
  • mobile devices such as, and without limiting the generality of the foregoing, mobile telephones, now provide the ability to transfer both voice data (a telephone call) and non- voice data, for example, and without limiting the generality of the foregoing, downloading information, exchanging email, and instant messaging.
  • 2G and 3 G mobile telephone technology has also enabled broadcast of live content and streaming stored content to mobile devices.
  • Content Providers interested in controlling content, and thereby ensuring revenue, are concerned that control data accompany live and streamed content which is delivered to mobile devices.
  • OMA Open Mobile Alliance
  • DRM Digital Rights Management
  • a consumer wishing to view content must receive, on his device, a rights object well in advance of the broadcast of the content. Once the consumer possesses the rights object, the consumer's device receives a decryption key, enabling decryption of the content. Typically, due to bandwidth considerations and the numbers of devices, the decryption key is distributed to the devices well in advance of broadcast.
  • Conditional access systems typically include an ICAM (Integrated Conditional Access Module), typically comprised in a set top box (STB), in communication with a security element such as a smart card.
  • ICAM Integrated Conditional Access Module
  • STB set top box
  • the ICAM receives an Entitlement Control Message (ECM), typically but not necessarily by broadcast.
  • ECM Entitlement Control Message
  • the ECM includes information necessary to generate a Control Word (CW) used for descrambling content such as broadcast content.
  • the ICAM passes the ECM to a secure computation unit, typically comprising a removable security element such as a smart card, where the ECM is processed, typically using a secret cryptographic function, to obtain the CW.
  • the smart card then passes the CW back to the ICAM, which in turn passes the CW to other components of the STB for use in descrambling the content.
  • Examples of such systems are described in US Patents 5,282,249 and 5,481,609 to Cohen et al and in US Patent 6,178,242 to Tsuria, the disclosures of which are hereby incorporated herein by reference.
  • a typical pay television conditional access system is the VideoGuardTM system, commercially available from NDS Ltd., One London Rd., Staines, Middlesex, TW 18 4EX, United Kingdom.
  • the system of Nachman et al is intended to frustrate a particular type of hacker attack known as "the McCormac hack".
  • the McCormac hack simply stated, is the redistribution of key data from a datastream between a decoder and a legitimate smartcard, in order to enable any decoder with a suitable pseudo-smartcard in the card slot to decode a channel.
  • an adequate communications network such as the Internet
  • a single subscription could provide keys for an unlimited number of individuals. The effect for a broadcaster would be devastating.
  • McCormac hack can also be performed in a non-smart card environment, and that the above discussion is not meant to be limiting.
  • the present invention seeks to provide an improved scheme of content protection key distribution for mobile devices.
  • CEK according to a key PK
  • CEK is a content encryption key enabling decryption of the content for a single crypto-period, transmitting the plurality of encrypted decryption keys to the plurality of mobile devices, and at an appropriate time relative to broadcast of the content encrypted according to key CEK, transmitting the key SKM to the plurality of mobile devices, thereby enabling the plurality of mobile devices to decrypt/g ] y [ ⁇ (g ⁇ (CEK)) and derive gp j ⁇ (CEK).
  • a second key SKIVE immediately prior to the onset of a second crypto-period, thereby enabling the plurality of mobile devices to decrypt /SM ⁇ 2(SP ⁇ (CEK2)) and derive gp j ⁇ (CEK2), where CEK2 is a second content encryption key enabling decryption of content in the second crypto-period.
  • the transmitting the plurality of encrypted decryption keys is performed at a time well before broadcast of content encrypted according to key CEK.
  • the transmitting the plurality of encrypted decryption keys is performed prior to transmitting the key SKM.
  • the appropriate time relative to broadcast of the content encrypted according to key CEK is a function of at least a number of mobile devices included within the plurality of mobile devices, and an amount of bandwidth available to the content provi der for sending the plurality of encrypted decryption keys to the plurality of mobile devices.
  • /g ] yg£ is a symmetric encryption function.
  • SKM is a shared key.
  • G jyjj ⁇ is a stream cipher.
  • /g j yo ⁇ is a block cipher.
  • the appropriate time is a very short time before a start of the broadcast.
  • SKM is broadcast as a portion of a broadcast stream including the content encrypted according to key CEK.
  • SKM2 is a shared key.
  • y [ ⁇ 2 is a stream cipher.
  • yg ⁇ is a block cipher.
  • gp ⁇ is an asymmetric encryption function.
  • PK is a public key of an individual mobile device among the plurality of mobile devices.
  • a device private key corresponding to PK is stored in a protected memory in the mobile device.
  • the content for broadcast includes one of live multicast content, andunicast streamed content.
  • a second key SKM2 immediately prior to the onset of a second crypto-period, thereby enabling the plurality of mobile devices to decrypt /SMK2(sp ⁇ (CEK2)) and derive gp ⁇ (CEK2), where CEK2 is a second content encryption key enabling decryption of content in the second crypto-period.
  • /g j y jj ⁇ is a symmetric encryption function.
  • SKM is a shared key.
  • /gMK is a stream cipher.
  • g j ⁇ is a block cipher.
  • SKM is broadcast as a portion of a broadcast stream including the content encrypted according to key CEK. Additionally in accordance with a preferred embodiment of the present invention/sjyQQ 1S a symmetric encryption function.
  • SKM2 is a shared key. Further in accordance with a preferred embodiment of the present is a stream cipher.
  • SKM2 is broadcast as a portion of a broadcast stream including the content encrypted according to key CEK2.
  • gp ⁇ is an asymmetric encryption function.
  • PK is a public key of an individual mobile device among the plurality of mobile devices.
  • the device private key corresponding to PK is stored in a protected memory in the mobile device.
  • a decryption key provider which provides a plurality of encrypted decryption keys, the encrypted decryption keys being encrypted according to/ ⁇ ] y [ ⁇ (g ⁇ j ⁇ (CEK)), where/and g are encryption &nctions,/g ] y [ ⁇ is an encryption function encrypting gp J ⁇ (CEK) according to a key, SKM, gp j ⁇ (CEK) is an encryption function encrypting CEK according to a key PK, and CEK is a content encryption key enabling decryption of the content for a single crypto-period, a transmitter for transmitting the plurality of encrypted decryption keys to the plurality of mobile devices, and a transmitter for transmitting the key SKM to the plurality of mobile devices at an appropriate
  • a first receiver operative to receive a plurality of encrypted keys well in advance of broadcast of the content, the encrypted keys encrypted according to/g ] y [j ⁇ (g
  • CEK is a content encryption key enabling decryption of the content for a single crypto-period
  • a second receiver operative to receive the key SKM prior to broadcast of the content encrypted according to key CEK, a decryptor which decrypts according to the key SKM, thereby deriving g ⁇ j ⁇ (CEK), a device private key with which the device decrypts gp j ⁇ (CEK), thereby deriving CEK
  • a decryptor operative to utilize decrypted key CEK to decrypt the content.
  • FIG. 1 is a simplified illustration of a system wherein a content provider provides content to a plurality of mobile devices, the system constructed and operative in accordance with a preferred embodiment of the present invention
  • Fig. 2 is a simplified depiction of a timeline relating content distribution events with session key management events within the system of Fig. 1 ;
  • Fig. 3 is a simplified depiction of a timeline relating arrival at one of the plurality of mobile devices of secret key material packets and decryption of session keys within the system of Fig. 1; and
  • Fig. 4 is a simplified flow chart illustration of a preferred method of implementation of the system of Fig. 1.
  • Fig. 1 is a simplified pictorial illustration of a system wherein a content provider provides content to a plurality of mobile devices, the system constructed and operative in accordance with a preferred embodiment of the present invention.
  • the content provider distributes content and control data to a plurality of mobile devices.
  • Mobile devices referred to herein typically include any appropriate device implementing a standard which enables downloading content. For example, and without limiting the generality of the foregoing, ITU IMT 2000, UMTS 5 EDGE, and GPRS are such standards.
  • Fig. 2 is a simplified depiction of a timeline relating content distribution events with session key management events within the system of Fig. 1.
  • Encrypted key material 200 is preferably delivered to a mobile device (not depicted) preferably well in advance of a broadcast start time 210. Encrypted key material is preferably delivered to the mobile device as an OMA rights obj ect.
  • the encrypted key material 200 preferably comprises a plurality of preferably doubly encrypted content keys, as explained below. Slightly before a first content key is needed for use, an encrypted first content key is preferably sent for decryption 220 to a mechanism depicted in Fig.2 as session key derivation 230. The mechanism of session key derivation 230 is described in greater detail with reference to Fig. 3.
  • the session key derivation 230 mechanism is preferably either located on the mobile device, in a SIM (subscriber identity module) of the mobile device, or in some other appropriate add-on component which is operatively associated with the mobile device, via, for example, and without limiting the generality of the foregoing, USB, SDIO (Secure Digital Cards), MMC (Multi Media Cards), and so forth.
  • SIM subscriber identity module
  • MMC Multi Media Cards
  • Each of the plurality of content keys preferably comprises an OMA standard permission, which is preferably returned 240 to the mobile device after decryption by the session key derivation mechanism 230.
  • Rights objects are defined in OMA standards as, "a collection of permissions and other attributes which are linked to DRM content”.
  • Permissions are defined as "actual usages or activities allowed by a rights issuer over DRM content”.
  • DRM content refers to a digital work, such as, but not limited to, a ring tone, a screen saver or game, live broadcasts and streamed content, and combinations of such digital works. The digital work as DRM content is consumed according to a set of permissions in the rights object.
  • content and “DRM content” are used interchangeably.
  • broadcast in all of its grammatical forms, is understood to include both broadcast content as well as streamed content, where streamed content includes both unicast and multicast content.
  • an encrypted second content key is preferably sent for decryption 250 to the session key derivation mechanism 230.
  • a decrypted second OMA permission is preferably returned 260 to the mobile device by the session key derivation mechanism 230.
  • the cycle of encrypted keys being sent for decryption and returning decrypted OMA standard permissions preferably continues until slightly before the broadcast ends 270.
  • a last content key is needed for use.
  • An encrypted last content key is preferably sent for decryption 280 to the session key derivation mechanism 230.
  • a last OMA standard permission is preferably returned 290 to the mobile device by the session key derivation mechanism 230.
  • Fig. 3 is a simplified depiction of a timeline relating arrival at one of the plurality of mobile devices of secret key material (SKM) packets and decryption of session keys within the system of Fig. 1.
  • the content is preferably segmented into a series of crypto-periods.
  • a new key is used to decrypt content.
  • the new key is a content encryption key (CEK).
  • CEK content encryption key
  • the timeline in Fig. 3 is depicted as divided into segments, each segment preferably defined by a new CEK: CEK 1; CEK 2; ...; and CEK n. It is appreciated that a broadcaster is therefore able to refresh CEK frequently.
  • Each OMA standard rights object comprising a CEK required to view the content is preferably distributed well in advance of broadcast time.
  • the CEK is preferably delivered encrypted where/and g are encryption functions, /preferably utilizes a symmetric encryption scheme, such as, and without limiting the generality of the foregoing, AES.
  • g preferably utilizes an asymmetric encryption scheme, such as, and without limiting the generality of the foregoing,
  • gp ⁇ CEK preferably represents asymmetric encryption of the CEK.
  • PK is the public key of the individual device to which the CEK is sent.
  • the transmission of the keys is preferably performed well in advance of the broadcast start 210 (Fig.2). Nevertheless, it is desirable that CEK only become available close to the time it is actually needed, and therefore, it is distributed encrypted as gp ⁇ - (CEK).
  • a device private key used to decrypt ⁇ w-(CEK) is highly secret.
  • the device private key is, accordingly, stored in a protected memory in the device. If the private key becomes known, then there remains no protection for encrypted content. At most, OMA rights may be revoked, as per the OMA standards.
  • due to the secrecy of the device private key if encrypted keys are intercepted, there is no point in distributing the intercepted encrypted keys in advance of broadcast, as, without the device private key, the encrypted keys are useless.
  • / ⁇ preferably represents symmetric encryption.
  • SKM secret key material
  • SKM is preferably a shared key used to encrypt gp ⁇ (CEK).
  • the shared key SKM is preferably only broadcast a very short time before it is needed. Since SKM preferably comprises a shared key, very little bandwidth need be used to transmit SKM.
  • sending SKM a limited number of times a very short time before broadcast start 210 preferably increases the likelihood that all of the individual devices within the plurality of mobile devices which need to receive SKM in time for use, will actually receive the SKM.
  • the SKM is sent in the broadcast stream with the content, and not sent separately such that it appears at the correct time.
  • the device in order to retrieve the CEK, the device preferably needs both the SKM and PK; and unwrapping an outer layer of encryption,,/ ⁇ * ⁇ preferably can only be performed once the SKM has arrived, thereby preferably eliminating the possibility of unauthorized decryption and distribution of the CEK well in advance of the use of the CEK.
  • CEK may not be the actual content encryption key. Rather, decrypting gw(CEK) may provide a value which the device uses to derive the actual content encryption key.
  • Fig. 4 is a simplified depiction of a timeline relating arrival of secret key material packets and decryption of session keys within the system of Fig. 1.
  • Actions depicted in Fig.4 are depicted in two columns, a left column and a right column.
  • the left column depicts actions of the content provider.
  • the right column depicts actions which occur at the device. Time flows from the top of Fig.4 to the bottom.
  • the content provider preferably sends a plurality of encrypted keys in the form ⁇ SKM ⁇ PK ⁇ " ⁇ " ⁇ ' as described above (step 400).
  • each key preferably comprises a session key which has been encrypted using the public key of the device.
  • the public key encrypted session key is preferably further encrypted with a shared key.
  • a resultant shared key encrypted, public key encrypted session key for each crypto-period is preferably sent to a plurality of devices. At at least one of the plurality of devices, the encrypted keys are preferably received well in advance of broadcast time (step 410).
  • the content provider preferably sends a first shared key to the plurality of devices (step 420).
  • the at least one of the plurality of devices preferably receives the first shared key preferably just before the broadcast begins, and decrypts 430).
  • the device then preferably uses its own private key immediately to decrypt the public key encrypted session key, thereby deriving the now unencrypted session key CEK (step 440). With CEK 5 the device is able to render the content viewable (step 450).
  • Steps 420 - 450 are then preferably repeated with a second key, and for each subsequent key, up to, and including a final key (steps 460 - 470).
  • steps 460 - 470 may be delivered to the mobile device before steps 400 - 470 occur, while steps 400 - 470 occur, or after steps 400 - 470 occur.

Landscapes

  • Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Graphics (AREA)
  • Multimedia (AREA)
  • Theoretical Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)

Abstract

Au niveau d'un fournisseur de contenu, l'invention permet de fournir un contenu à diffuser à une pluralité de dispositifs mobiles. L'invention concerne une méthode pour distribuer des clés pour décoder un contenu. Cette méthode consiste à fournir une pluralité de clés de décodage codées. Ces clés de décodage codées sont codées selon fSMK(gPK(CEK)), f et g étant des fonctions de codage, fSMK désignant une fonction de codage codant gPK(CEK) selon une clé SKM, gPK(CEK) désignant une fonction de codage codant CEK selon une clé PK, et CEK désignant une clé de codage de contenu permettant de décoder le contenu pendant une cryptopériode unique. La méthode consiste également à émettre la pluralité de clés de décodage codées à la pluralité de dispositifs mobiles susmentionnés, et à un moment approprié se rapportant à la diffusion du contenu codé selon la clé CEK, à transmettre la clé SKM à la pluralité de dispositifs mobiles, ce qui permet d'activer la pluralité de dispositifs mobiles pour décoder fSMK(gPK(CEK)) et pour dériver gPK (CEK). L'invention concerne encore un appareil et des méthodes associées.
PCT/IL2006/000070 2005-04-19 2006-01-18 Programme de securite pour des dispositifs mobiles Ceased WO2006111949A2 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US67263705P 2005-04-19 2005-04-19
US60/672,637 2005-04-19

Publications (2)

Publication Number Publication Date
WO2006111949A2 true WO2006111949A2 (fr) 2006-10-26
WO2006111949A3 WO2006111949A3 (fr) 2006-12-14

Family

ID=37115549

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IL2006/000070 Ceased WO2006111949A2 (fr) 2005-04-19 2006-01-18 Programme de securite pour des dispositifs mobiles

Country Status (1)

Country Link
WO (1) WO2006111949A2 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2009112966A3 (fr) * 2008-03-10 2010-10-07 Nds Limited Système de distribution de clé
RU2496140C2 (ru) * 2008-05-30 2013-10-20 Виаксесс Способы и устройства передачи зашифрованного мультимедийного контента в пакетном режиме, носитель записи для осуществления таких способов

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7693285B2 (en) * 2002-03-06 2010-04-06 Entrust, Inc. Secure communication apparatus and method

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2009112966A3 (fr) * 2008-03-10 2010-10-07 Nds Limited Système de distribution de clé
US8396222B2 (en) 2008-03-10 2013-03-12 Nds Limited Key distribution system
RU2496140C2 (ru) * 2008-05-30 2013-10-20 Виаксесс Способы и устройства передачи зашифрованного мультимедийного контента в пакетном режиме, носитель записи для осуществления таких способов

Also Published As

Publication number Publication date
WO2006111949A3 (fr) 2006-12-14

Similar Documents

Publication Publication Date Title
US7698568B2 (en) System and method for using DRM to control conditional access to broadband digital content
US8667304B2 (en) Methods and apparatuses for secondary conditional access server
CN100366083C (zh) 广播应用的条件访问系统的操作方法
US8724808B2 (en) Method for secure distribution of digital data representing a multimedia content
CN100481932C (zh) 用于安全数据传输的方法和电子模块
AU2004288307B2 (en) System and method for using DRM to control conditional access to broadband digital content
EP2345246B1 (fr) Procédé d'application, par un centre de gestion, des règles d'accès pour un produit radiodiffusé
WO2012072703A1 (fr) Protection de mot de commande
US8615650B2 (en) Control-word deciphering, transmission and reception methods, recording medium and server for these methods
CN100442839C (zh) 一种交互数字广播电视系统的信息传输方法及装置
KR100936458B1 (ko) 제1 도메인용으로 암호화한 데이터를 제2 도메인에 속한네트워크에서 처리하기 위한 디바이스 및 그 데이터를전송하는 방법
JP4521392B2 (ja) デコーダ及びスマートカードに関連した有料テレビジョンシステム、そのようなシステムにおける権利失効方法、及びそのようなデコーダに送信されたメッセージ
JP2006518134A5 (fr)
Kim Secure communication in digital TV broadcasting
WO2006111949A2 (fr) Programme de securite pour des dispositifs mobiles
US20240056651A1 (en) Digital rights management using a gateway/set top box without a smart card
KR101980928B1 (ko) 디지털 전송 스트림의 디스크램블링 콘텐츠 패킷용 보안 모듈 및 암호 시스템 및 방법
KR100510692B1 (ko) 제한 수신 시스템
KR101240659B1 (ko) 디지털 방송 수신기의 수신 제한 시스템 및 방법
CN113497960A (zh) 基于智能电话的有条件访问系统
KR20200118752A (ko) Uhd 방송 콘텐츠 보안 시스템

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: DE

NENP Non-entry into the national phase

Ref country code: RU

WWW Wipo information: withdrawn in national office

Country of ref document: RU

122 Ep: pct application non-entry in european phase

Ref document number: 06700960

Country of ref document: EP

Kind code of ref document: A2

WWW Wipo information: withdrawn in national office

Ref document number: 6700960

Country of ref document: EP