Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
2000-01-27
2003-12-23
Peeso, Thomas R. (Department: 2132)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Protection at a particular protocol layer
C713S152000, C713S164000, C713S152000, C713S152000
Reexamination Certificate
active
06668320
ABSTRACT:
The invention relates to a transmission system for transmitting a multiplex signal from a transmitter to a receiver, said multiplex signal comprising first and second sections, said first section comprising encrypted data packets.
The invention further relates to a transmitter for transmitting a multiplex signal, a receiver for receiving a multiplex signal and a multiplex signal comprising a section.
A transmission system according to the preamble is known from the document Draft EN 301 192 V1.1.1, European Standard, “Digital Video Broadcasting (DVB); DVB specification for data broadcasting”. In modern digital broadcast systems a transmitter, e.g. a headend, typically transmits a large number of services (or channels) to a plurality of receivers, like for instance television sets or set-top boxes. Such a service can contain an audio/video stream, an interactive application (for example in the MHEG-5 format), other kinds of data or a combination of these elements. An MPEG-2 transport stream is a multiplex of a number of services. Typically, a transmitter transmits several transport streams to the set-top boxes. A set-top box can tune to a specific transport stream and is then able to retrieve information from the transport stream. Such a set-top box typically has only one tuner and is thus merely able to receive one single transport stream at a time. When a user wants to look at a television program, or wants to run an interactive application, or wants to access other kinds of data the set-top box or television set tunes to the corresponding transport stream and retrieves and processes the required data from the service as it is being broadcast at that moment.
In such systems it may be desirable that only a limited number of the users, e.g. only those who have paid or who belong to a certain group, have access to the services. Such conditional access to the services can be realised by encrypting the data, by transmitting the encrypted data to the receivers, and by supplying only to those receivers who are entitled to the data the decryption keys necessary for the decryption of the data. By means of the decryption keys the receivers can decrypt the data. For security reasons the decryption key has to be changed after a certain period of time or after the transmission of a certain amount of data. The transition to a new decryption key has to be synchronised between transmitter and receiver.
In the known transmission system a transport stream comprising a number of data services is broadcast by a transmitter to a plurality of receivers. Each data service includes a number of encrypted data packets which are embedded into a single data section.
An object of the invention is to provide a transmission system, wherein the receiver or set-top box is able to efficiently handle the decryption of the data packets. This object is achieved in the transmission system according to the invention, which is characterized in that said second section comprises decryption packets, said decryption packets comprising decryption keys, said data packets being decryptable by means of said decryption keys, at least a part of said first and second sections being identical, said first and second sections being linked together by said part. By concentrating the encrypted data packets and the therewith associated decryption packets in sections which are linked together by means of an identical part, the receiver can easily obtain the data packets and the decryption packets needed for decrypting the data packets by using a single filter which filters out all packets included in those sections which contain that part.
A first embodiment of the transmission system according to the invention is characterized in that said first and second sections comprise, respectively, first and second headers, said part being comprised in said headers. In general, section headers contain information about the content of the sections and can therefore be used advantageously to store information which indicates that the first and second sections are linked together.
A second embodiment of the transmission system according to the invention is characterized in that the data packets comprise IP packets. In this way data services defined at the IP level can be broadcasted securely using a DVB compliant infrastructure.
A third embodiment of the transmission system according to the invention is characterized in that the decryption keys are being retransmitted a number of times. By this measure the receivers are able to access the decryption keys quickly, so that a fast access to the data service is realised.
A fourth embodiment of the transmission system according to the invention is characterized in that the section comprises a header, said header comprising information indicating a change of the decryption key being used. By including this information in the header the receiver can determine exactly when to start using a new decryption key.
A fifth embodiment of the transmission system according to the invention is characterized in that the receiver comprises filter means for filtering out second and further occurrences of the same decryption key on the basis of the information. By this measure the receiver only has to deal with the first occurrence of a decryption key. This means for instance that, in the case where the decryption keys themselves are encoded, the receiver is relieved from decoding the second and further occurrences of the same decryption key.
REFERENCES:
patent: 4577221 (1986-03-01), Skinner, Sr. et al.
patent: 0719045a2 (1996-06-01), None
Draft EN 301 192 V1.1.1, European Standard, Digital Video Broadcasting (DVB); DVB Specification for data broadcasting, pps. 1-36.
RFC 1825, Security Architecture for the Internet Protocol, Aug. 1995.
LandOfFree
Transmission system does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Transmission system, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Transmission system will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3176589