Cryptography – Key management – Having particular key generator
Reexamination Certificate
1999-07-01
2004-03-30
Sheikh, Ayaz (Department: 2131)
Cryptography
Key management
Having particular key generator
C380S201000, C380S277000
Reexamination Certificate
active
06714649
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
The invention relates to a pay broadcasting system and, more particularly, to a method of and a system for blocking illegal access to a downloaded and stored program in a subscriber terminal in such a pay broadcasting system.
2. Description of the Prior Art
In a pay broadcasting system, a central station (or program provider) generally broadcasts a scrambled program, permitting a subscriber to unscramble the scrambled program only when the execution of the scrambled program is valid.
Such pay broadcasting system usually uses three kinds of keys: a scramble keys (SKt) updated frequently, say, every second (the suffix t denotes an update time); a work key (WKi) assigned to each of the subscriber terminals (the suffix i is a serial number assigned to a respective subscriber terminal) and updated at the time of renewal of the subscription contract (e.g., once a year); and a master key (MKi) issued to each of the subscriber terminals, stored in an IC (integrated circuit) card and set in the subscriber terminal. The central station scrambles data (PD) of each program with a scramble key of the time to provide scramble key-scrambled data (hereinafter, denoted as “SKt[PD]”), while encrypting each of the scramble keys used for the program with each of the work keys associated with the subscriber terminals to provide work key-encrypted scramble keys WK
1
[SKt], WK
2
[SKt], . . . , WKN[SKt], where N is the number of subscriber terminals served by the program provider. At the time of renewal of the subscription contract for the subscriber (terminal) and the program provider, the central station encrypts a new work key (WKi) for the subscriber terminal with the master key associated with the subscriber terminal (i) and issues an IC card which stores a master key-encrypted work key MKi[WKi]. The scramble key-scrambled data, the work key-encrypted scramble keys and the master key-encrypted work keys are multiplexed and broadcast from the center station. If a subscriber terminal has a valid master key of its own, then the terminal can decrypt the master key-encrypted work key MKi[WKi] with its own master key into the work key WKi; decrypt the work key-encrypted scramble keys WKi[SKt] with the work key WKi into the scramble key SKt; and unscramble the scramble key-scrambled data SKt[PD] with the scramble key SKt to finally obtain and enjoy the program data PD.
Japanese unexamined patent publication No. Hei10-11894 (1998) by Karino et al. discloses a system for receiving, recording and playing a pay scrambled broadcast program. If the system is to store a received program, the system also stores key information necessary for playing the stored program. This enables the system to unscramble the stored scrambled program by reading out the stored key information and using the information in the same manner as in case of real time reception. The system is also provided with means for prohibiting playing of a stored problem if the availability of the stored program has expired.
However, if an attacker breaks the work key of a subscriber terminal, the attacker can illegally enjoy the programs broadcast thereafter and having been stored so far until the available period of the work key expires. Once a work key is broken, the stored programs can be used regardless of the available periods of the stored programs even if the system is provided with the above-mentioned prohibiting means. The loss due to the illegal use of broadcast programs can be reduced by shorten the available period of the work keys. However, updating the work keys for hundreds of thousands of subscriber terminals in a short time is impracticable because it takes a lot of time to encrypt each (WKi) of such a lot of work keys with a respective master key (MKi).
SUMMARY OF THE INVENTION
The foregoing program in the prior art has been solved in accordance with the present invention.
In a pay broadcasting system including a central station and a subscriber terminal, data of a broadcast program is scrambled with a scramble key updated in a short period. The scramble key is encrypted with a first key assigned to the subscriber terminal. The first key being encrypted with a first master key set in the subscriber terminal. According to the present invention, a method of enhancing security of a broadcast program stored for subsequent use in the subscriber terminal in such a broadcasting system. In the central station, a second key-encrypted scramble key is generated by encrypting the scramble key with a second key different from the first key and changeable in an interval shorter than an update interval of the first key. An encrypted second key is generated by encrypting the second key with a second master key which has been commonly issued to subscriber terminals served by the central station, The second key-encrypted scramble key and the encrypted second key are broadcast together with the scrambled program, the first key-encrypted scramble key and the encrypted first key in a multiplexed manner. In the subscriber terminal, When a broadcast program is stored for subsequent use, the scrambled data of the broadcast program and the second key-encrypted scramble key are stored; the encrypted second key is decrypted with the second master key into the second key, which is added to a stored program second key list. If the stored program is to be executed, the second key-encrypted scramble key is decrypted with a corresponding one of the second keys in the stored program second key list into a decrypted scramble key; and the scrambled data of the broadcast program is unscrambled with the decrypted scramble key.
In one embodiment, the second master key is distributed stored in an IC card.
Alternatively, the second master key may be encrypted with the first master key and broadcast to the terminals. In this case, the terminal decrypts the encrypted second master key into a decrypted second master key, and uses the decrypted second master key for decryption of the encrypted second key.
In a preferred embodiment, each of the broadcast programs is assigned a respective second key.
In the embodiment, at a time of generating an encrypted key, an ID of the key used for the generation is also generated such that the generated encrypted key and corresponding ID are treated in a pair. The central station is permitted to broadcast a new second key for a program that has broadcast before. If a second key with an ID that accords with an ID of any second key in the stored program second key list is received in a subscriber terminal, the terminal replace the found second key with the received second key. This feature enables the central station to prohibit the use of any broadcast program at any desired time.
REFERENCES:
patent: 4533949 (1985-08-01), Fujimura et al.
patent: 4613901 (1986-09-01), Gilhousen et al.
patent: 4658292 (1987-04-01), Okamoto et al.
patent: 4712238 (1987-12-01), Gilhousen et al.
patent: 4799061 (1989-01-01), Abraham et al.
patent: 4864615 (1989-09-01), Bennett et al.
patent: 4887296 (1989-12-01), Horne
patent: 5615265 (1997-03-01), Coutrot
patent: 5642420 (1997-06-01), Kuroda et al.
patent: 5754651 (1998-05-01), Blatter et al.
patent: 6067121 (2000-05-01), Shigihara
patent: 6460137 (2002-10-01), Akiyama et al.
patent: 6594758 (2003-07-01), Okui
patent: 0 179 612 (1986-04-01), None
patent: 0704785 (1996-04-01), None
patent: 0817185 (1998-01-01), None
patent: 0822720 (1998-02-01), None
patent: 8-32530 (1996-02-01), None
patent: 8-149449 (1996-06-01), None
patent: 10-11894 (1998-01-01), None
patent: 10-106148 (1998-04-01), None
Kent, Security Requirements and Protocols for a Broadcast Scenario, IEEE COM-29. No. 6 Jun. 1981.*
Guillou, Encipherment and Conditional Access, SMPTE Journal Jun. 1994.*
Macq, Cryptology for Digital TV Broadcasting, IEEE 83(6) Jun. 1995.*
Tung, Research and Implementation of key Distribution and Management on ITV, 1998.*
Mooij, Advances In conditional Access Technology, IEE 1997.*
Sai
Goto Yoshimasa
Harada Takenosuke
Kataoka Mitsuteru
Machida Kazuhiro
Masuda Isao
Matsushita Electric - Industrial Co., Ltd.
Seal James
Sheikh Ayaz
Woo Louis
LandOfFree
Pay broadcasting system with enhanced security against... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Pay broadcasting system with enhanced security against..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Pay broadcasting system with enhanced security against... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3292265