Patent Grant
7548624
This application is related to the following co-pending and commonly-assigned patent applications, all of which applications are incorporated by reference herein:
U.S. patent application Ser. No. 09/620,832, entitled “VIDEO ON DEMAND PAY PER VIEW SERVICES WITH UNMODIFIED CONDITIONAL ACCESS FUNCTIONALITY,” by Raynold M. Kahn, Gregory J. Gagnon, David D. Ha, Peter M. Klauss, Christopher P. Curren, and Thomas H. James, filed on Jul. 21, 2000;
U.S. patent application Ser. No. 09/620,833, entitled “SECURE STORAGE AND REPLAY OF MEDIA PROGRAMS USING A HARD-PAIRED RECEIVER AND STORAGE DEVICE,” by Raynold M. Kahn, Gregory J. Gagnon, David D. Ha, Peter M. Klauss, Christopher P. Curren, and Thomas H. James, filed on Jul. 21, 2000;
U.S. patent application Ser. No. 09/621,476, entitled “SUPER ENCRYPTED STORAGE AND RETRIEVAL OF MEDIA PROGRAMS IN A HARD-PAIRED RECEIVER AND STORAGE DEVICE,” by Raynold M. Kahn, Gregory J. Gagnon, David D. Ha, Peter M. Klauss, Christopher P. Curren, and Thomas H. James, filed on Jul. 21, 2000;
U.S. patent application Ser. No. 09/620,773, entitled “SUPER ENCRYPTED STORAGE AND RETRIEVAL OF MEDIA PROGRAMS WITH MODIFIED CONDITIONAL ACCESS FUNCTIONALITY,” by Raynold M. Kahn, Gregory J. Gagnon, David D. Ha, Peter M. Klauss, Christopher P. Curren, and Thomas H. James, filed on Jul. 21, 2000;
U.S. patent application Ser. No. 09/620,772, entitled “SUPER ENCRYPTED STORAGE AND RETRIEVAL OF MEDIA PROGRAMS WITH SMARTCARD GENERATED KEYS,” by Raynold M. Kahn, Gregory J. Gagnon, David D. Ha, Peter M. Klauss, Christopher P. Curren, and Thomas H. James, filed on Jul. 21, 2000;
U.S. patent application Ser. No. 09/491,959, entitled “VIRTUAL VIDEO ON DEMAND USING MULTIPLE ENCRYPTED VIDEO SEGMENTS,” by Robert G. Arsenault and Leon J. Stanger, filed on Jan. 26, 2000;
application Ser. No. 09/960,824, entitled “METHOD AND APPARATUS FOR ENCRYPTING MEDIA PROGRAMS FOR LATER PURCHASE AND VIEWING,” by Raynold M. Kahn, Gregory J. Gagnon, David D. Ha, Peter M. Klauss, Christopher P. Curren, Ronald P. Cocchi, and Thomas H. James, filed Sep. 21, 2001;
application Ser. No. 09/954,236, entitled “EMBEDDED BLACKLISTING FOR DIGITAL BROADCAST SYSTEM SECURITY,” by Raynold M. Kahn, Gregory J. Gagnon, David D. Ha, and Dennis R. Flaherty, filed Sep. 14, 2001;
U.S. patent application Ser. No. 10/302,414, entitled “METHOD AND APPARATUS FOR ENSURING RECEPTION OF CONDITIONAL ACCESS INFORMATION IN MULTI-TUNER RECEIVERS,” by Peter M. Klauss, Raynold M. Kahn, Gregory J. Gagnon, and David D. Ha, filed on Nov. 21, 2002;
U.S. patent application Ser. No. 10/302,416, entitled “METHOD AND APPARATUS FOR MINIMIZING CONDITIONAL ACCESS INFORMATION OVERHEAD WHILE ENSURING CONDITIONAL ACCESS INFORMATION RECEPTION IN MULTI-TUNER RECEIVERS,” by Peter M. Klauss, Raynold M. Kahn, Gregory J. Gagnon, and David D. Ha, filed on Nov. 21, 2002;
PCT international Patent Application Ser. No. US02/29881, entitled “METHOD AND APPARATUS FOR CONTROLLING PAIRED OPERATION OF A CONDITIONAL ACCESS MODULE AND AN INTEGRATED RECEIVER AND DECODER,” by Raynold M. Kahn and Jordan Levy, filed on Sep. 20, 2002;
U.S. patent application Ser. No. 10/758,865, entitled “DISTRIBUTION OF VIDEO CONTENT USING CLIENT TO HOST PAIRING OF INTEGRATED RECEIVERS/DECODERS,” by Raynold M. Kahn, Greg Gagnon, Christopher P. Curren and Thomas H. James, filed Jan. 16, 2004; and
U.S. patent application Ser. No. 10/758,811, entitled “DISTRIBUTION OF VIDEO CONTENT USING A TRUSTED NETWORK KEY FOR SHARING CONTENT,” by Raynold M. Kahn, Gregory J. Gagnon, Christopher P. Curren and Thomas H. James, filed on Jan. 16, 2004.
This application is also related to the following applications:
application Ser. No. 09/590,417, entitled “METHOD AND APPARATUS FOR TRANSMITTING, RECEIVING, AND UTILIZING AUDIO/VISUAL SIGNALS AND OTHER INFORMATION”, filed Jun. 08, 2000, by Arthur Tilford;
application Ser. No. 10/490,261 entitled “METHOD AND APPARATUS FOR CONTROLLING PAIRED OPERATION OF A CONDITIONAL ACCESS MODULE AND AN INTEGRATED RECEIVER AND DECODER”, filed Aug. 5, 2004, by Raynold M. Kahn et al., which is a national stage entry of PCT/US02/29881 filed Sep. 20, 2002;
application Ser. No. 10/758,811 entitled “DISTRIBUTION OF VIDEO CONTENT USING A TRUSTED NETWORK KEY FOR SHARING CONTENT”, filed Jan. 16, 2004, by Raynold M. Kahn et al;
application Ser. No. 10/758,818 entitled “DISTRIBUTION OF BROADCAST CONTENT FOR REMOTE DECRYPTION AND VIEWING”, filed Jan. 16, 2004, by Raynold M. Kahn et al;
application Ser. No. 10/758,865 entitled “DISTRIBUTION OF VIDEO CONTENT USING CLIENT TO HOST PAIRING OF INTEGRATED RECEIVERS/DECODERS”, filed Jan. 16, 2004, by Raynold M. Kahn et al;
application Ser. No. 10/759,679 entitled “VIRTUAL VIDEO ON DEMAND USING MULTIPLE ENCRYPTED VIDEO SEGMENTS”, filed Jan. 19, 2004, by Robert G. Arsenault et al., which is a continuation of application Ser. No. 09/491,959, entitled “VIRTUAL VIDEO ON DEMAND USING MULTIPLE ENCRYPTED VIDEO SEGMENTS”, filed Jan. 26, 2000, by Robert G. Arsenault et al., now issued Mar. 02, 2004 as U.S. Pat. No. 6,701,528;
application Ser. No. 10/790,466 entitled “VIDEO ON DEMAND IN A BROADCAST NETWORK”, filed Mar. 01, 2004, by Stephen P. Dulac;
application Ser. No. 11/433,926 entitled “METHODS AND APPARATUS TO PROTECT CONTENT IN HOME NETWORKS”, filed May 15, 2006, by Raynold M. Kahn;
application Ser. No. 11/433,969 entitled “METHODS AND APPARATUS TO PROVIDE CONTENT ON DEMAND IN CONTENT BROADCAST SYSTEMS”, filed May 15, 2006, by Peter M. Klauss et al.;
application Ser. No. 11/434,082 entitled “CONTENT DELIVERY SYSTEMS AND METHODS TO OPERATE THE SAME”, filed May 15, 2006, by Raynold M. Kahn et al.;
application Ser. No. 11/434,404 entitled “SECURE CONTENT TRANSFER SYSTEMS AND METHODS TO OPERATE THE SAME”, filed May 15, 2006, by Raynold M. Kahn et al;
application Ser. No. 11/434,437 entitled “METHODS AND APPARATUS TO CONDITIONALLY AUTHORIZE CONTENT DELIVERY AT RECEIVERS IN PAY DELIVERY SYSTEMS”, filed May 15, 2006, by Raynold M. Kahn et al.;
application Ser. No. 11/434,528 entitled “METHODS AND APPARATAUS TO CONDITIONALLY AUTHORIZE CONTENT DELIVERY AT BROADCAST HEADENDS IN PAY DELIVERY SYSTEMS”, filed May 15, 2006, by Raynold M. Kahn et al.;
application Ser. No. 11/434,538 entitled “METHODS AND APPARATUS TO CONDITIONALLY AUTHORIZE CONTENT DELIVERY AT CONTENT SERVERS IN PAY DELIVERY SYSTEMS”, filed May 15, 2006, by Raynold M. Kahn et al.;
application Ser. No. 11/499,635 entitled “DISTRIBUTED MEDIA-PROTECTION SYSTEMS AND METHODS TO OPERATE THE SAME”, filed Aug. 04, 2006, by Michael Ficco;
application Ser. No. 11/499,636 entitled “DISTRIBUTED MEDIA-AGGREGATION SYSTEMS AND METHODS TO OPERATE THE SAME”, filed Aug. 04, 2006, by Michael Ficco;
application Ser. No. 11/501,985 entitled “SECURE DELIVERY OF PROGRAM CONTENT VIA A REMOVAL STORAGE MEDIUM”, filed Aug. 10, 2006, by Raynold M. Kahn et al.;
application Ser. No. 11/654,752 entitled “SECURE STORAGE AND REPLAY OF MEDIA PROGRAMS USING A HARD-PAIRED RECEIVER AND STORAGE DEVICE”, filed Jan. 18, 2007, by Raynold M. Kahn et al., which is a continuation of application Ser. No. 09/620,833, entitled “SECURE STORAGE AND REPLAY OF MEDIA PROGRAMS USING A HARD-PAIRED RECEIVER AND STORAGE DEVICE”, filed Jul. 21, 2000, by Raynold M. Kahn et al.; and
application Ser. No. 11/701,800 entitled “SUPER ENCRYPTED STORAGE AND RETRIEVAL OF MEDIA PROGRAMS IN A HARD-PAIRED RECEIVER AND STORAGE DEVICE”, filed Feb. 02, 2007, by Raynold M. Kahn et al., which is a continuation of application Ser. No. 09/621,476, entitled “SUPER ENCRYPTED STORAGE AND RETRIEVAL OF MEDIA PROGRAMS IN A HARD-PAIRED RECEIVER AND STORAGE DEVICE”, filed Jul. 21, 2000, by Raynold M. Kahn et al., now issued Apr. 10, 2007 as U.S. Pat. No. 7,203,311.
1. Field of the Invention
The present invention relates to systems and methods for distributing of broadcast content for remote decryption and viewing.
2. Description of the Related Art
Direct broadcast satellite (DBS) systems have become commonplace in recent years. DBS systems have been designed to ensure that only paying subscribers receive program materials transmitted by service providers. Among such systems are those which use a conditional access module (typically in the form of a smartcard) that can be removably inserted into the receiver.
One of the disadvantages of existing DBS receivers is that every television requires a separate integrated receiver/decoder (IRD) and conditional access module in order to receive unique programming. Moreover, each of the IRDs requires a tuner and conditional access module in order to receive and decrypt the programming. In addition, each of the IRDs would require a separate disk drive in order to provide digital video record (DVR) capabilities. All of these components drives up the cost of the IRDs.
Currently, there is no method of a host IRD with a conditional access module securely sharing content one or more client IRDs without a conditional access module. One of the key reasons is that the prior art provides no method for the service provider to know of and selectively enable the authorized client IRDs. As a result, service providers had no method of preventing widespread, and possible unauthorized, distribution of their program materials if several IRDs are networked together.
The present invention describes an architecture that includes a central or host IRD and one or more lightweight secondary or client IRDs coupled thereto. The present invention also describes a method of allowing the host and client IRDs to decrypt the program materials using a media encryption key and pairing keys that are shared between the IRDs in the network.
This means that the client IRDs would not require a tuner, conditional access module or disk drive, since the host IRD is responsible for the reception and storage of the program material, and the conditional access module associated with the host IRD is responsible for the reception of media encryption keys for program decryption by host and client IRDs. This allows distribution of the program materials throughout a household or other location at a significantly reduced cost as compared to other schemes, which require full IRDs for each individual subscriber.
In summary, the present invention describes a method, apparatus and article of manufacture for distributing program materials received from a direct broadcast satellite system between a host receiver and a client receiver for remote decryption.
In this invention, encrypted program materials and media encryption keys are received by the host receiver from the direct broadcast satellite system, and transferred from the host receiver to the client receiver, where the client receiver decrypts the transferred program materials using a transferred media encryption key.
For delayed viewing, the transferred program materials and media encryption keys may be stored in a large capacity storage system, such as a hard disk, at the host receiver or at a centralized home media storage subsystem, until requested for viewing by the client receiver.
The transferred program materials are protected by the broadcast encryption. The media encryption key, received from the broadcast system by the conditional access module at the host receiver, is protected for transfer to the client receiver by encryption at the host receiver using a host-client pairing key shared between host and client.
The pairing key is received from the broadcast system at both the host and client receivers, where the pairing key is decrypted at the host receiver using a receiver key uniquely associated with the host receiver and the pairing key is decrypted at the client receiver using a receiver key uniquely associated with the client receiver.
In a preferred embodiment, an encrypted version of the pairing key is received from the broadcast system at the host receiver and transferred to the client receiver, where it is decrypted using a receiver key uniquely associated with the client receiver. A differently encrypted version of the same pairing key is received from the broadcast system at the host receiver, and transferred to the conditional access module associated with the host receiver, where it is decrypted using a message decryption key uniquely associated with the conditional access module.
The conditional access module obtains the media encryption key from data received by the host receiver from the broadcast system. The conditional access module encrypts the media encryption key using the pairing key. The encrypted media encryption key is transferred from the conditional access module, via the host receiver, to the client receiver, where it is decrypted using the pairing key. The decrypted media encryption key is then used by the client receiver to decrypt program materials transferred from the host receiver.
Referring now to the drawings in which like reference numbers represent corresponding parts throughout:
In the following description, reference is made to the accompanying drawings which form a part hereof, and which show, by way of illustration, several embodiments of the present invention. It is understood that other embodiments may be utilized and structural changes may be made without departing from the scope of the present invention.
The uplink center 104 receives the program materials from the control center 102 and, using an uplink antenna 112 and transmitter 114, transmits the program materials to one or more satellites 116, each of which may include one or more transponders 118. The satellites 116 receive and process this program material, and re-transmit the program materials to subscriber receiving stations 108 via downlink 120 using transmitter 118. Subscriber receiving stations 108 receive the program materials from the satellites 116 via an antenna 122, and decrypt and decode the program materials using an integrated receiver/decoder (IRD) 124.
One or more channels are provided by program sources 200A-200C, which may comprise one or more video channels augmented respectively with one or more audio channels.
The data from each program source 200A-200C is provided to a corresponding encoder 202A-202C, which in one embodiment comprise Motion Picture Experts Group (MPEG) encoders, although other encoders can be used as well. After encoding by the encoders 202A-202C, the output therefrom is converted into data packets by corresponding packetizers 204A-204C.
In addition to the program sources 200A-200C, data source 206 and conditional access manager 208 may provide one or more data streams for transmission by the system 100. The data from the data source 206 and conditional access manager 208 is provided to a corresponding encoder 202D-202E. After encoding by the encoders 202D-202E, the output therefrom is converted into data packets by corresponding packetizers 204D-204E.
A system channel identifier (SCID) generator 210, null packet (NP) generator 212 and system clock 214 provide control information for use in constructing a data stream for transmission by the system 100. Specifically, the packetizers 204A-204F assemble data packets using a system clock reference (SCR) from the system clock 214, a control word (CW) generated by the conditional access manager 208, and a system channel identifier (SCID) from the SCID generator 210 that associates each of the data packets that are broadcast to the subscriber with a program channel.
Each of the encoders 202A-202C also accepts a presentation time stamp (PTS) from a multiplex controller 216. The PTS is a wrap-around binary time stamp that is used to assure that the video channels are properly synchronized with the audio channels after encoding and decoding.
Finally, these data packets are then multiplexed into a serial data stream by the controller 216. The data stream is then encrypted by an encryption module 218, modulated by a modulator 220, and provided to a transmitter 222, which broadcasts the modulated data stream on a frequency bandwidth to the satellite 116 via the antenna 106.
As noted above, program materials are encrypted by the encryption module 218 before transmission to ensure that they are received and viewed only by authorized IRDs 124. The program materials are encrypted according to an encryption key referred to hereinafter as a control word (CW). This can be accomplished by a variety of data encryption techniques, including symmetric algorithms, such as the data encryption standard (DES), and asymmetric algorithms, such as the Rivest-Shamir-Adleman (RSA) algorithm.
To decrypt the program material, the IRD 124 must also have access to the associated CW. To maintain security, the CW is not transmitted to the IRD 124 in plaintext. Instead, the CW is encrypted before transmission to the IRD 124. The encrypted CW is transmitted to the IRD 124 in a control word packet (CWP), i.e., a data packet type as described in
In one embodiment, the data in the CWP, including the CW, is encrypted and decrypted via what is referred to hereinafter as an input/output (I/O) indecipherable algorithm. An I/O indecipherable algorithm is an algorithm that is applied to an input data stream to produce an output data stream. Although the input data stream uniquely determines the output data stream, the algorithm selected is such that its characteristics cannot be deciphered from a comparison of even a large number of input and output data streams. The security of this algorithm can be further increased by adding additional functional elements which are non-stationary (that is, they change as a function of time). When such an algorithm is provided with identical input streams, the output stream provided at a given point in time may be different than the output stream provided at another time.
So long as the encryption module 218 and the IRD 124 share the same I/O indecipherable algorithm, the IRD 124 can decode the information in the encrypted CWP to retrieve the CW. Then, using the CW, the IRD 124 can decrypt the program materials so that it can be displayed or otherwise presented.
The tuner 400 receives the data packets from the antenna 122 and provides the packets to the TDM 402. Using the SCIDs associated with the program materials, the TDM 402 and microcontroller 404 reassemble the data packets according to the channel selected by the subscriber and indicated by the user I/O 412, and decrypt the program materials using the CW.
Once the program materials have been decrypted, they are provided to the source decoder 406, which decodes the program materials according to MPEG or other standards as appropriate. The decoded program materials may be stored in the RAM 408 or provided to devices coupled to the IRD 124 via the external interfaces 410, wherein the devices coupled to the IRD 124 can include or a media storage device 418, such as a disk drive, a presentation device 420, such as a monitor, or a networked device, such as another IRD 124.
The CAM 414 is typically implemented in a smartcard or similar device, which is provided to the subscriber to be inserted into the IRD 124. The CAM 414 interfaces with the CAV 416 and the TDM 402 to verify that the IRD 124 is entitled to access the program materials.
The CW is obtained from the CWP using the CAV 416 and the CAM 414. The TDM 402 provides the CWP to the CAM 414 via the CAV 416. The CAM 414 uses an I/O indecipherable algorithm to generate the CW, which is provided back to the TDM 402. The TDM 402 then uses the CW to decrypt the program materials.
In one embodiment including a plurality of networked IRDs 124, one of the IRDs 124 is designated a “host IRD” (or host device) and each of the other IRDs are designated as a “client IRD” (or client device). In such an embodiment, the host IRD 124 includes all of the components described in
However, in this embodiment, there is no master-slave relationship, and all IRDs 124 have the capability to decrypt the program materials. Moreover, the host and client IRDs 124 share the CW by means of a pairing key (PK) that is generated by the service provider for the purposes of allowing each IRD 124 to decrypt the program materials. Consequently, this allows for the distribution of broadcast content between a host IRD 124 and one or more client IRDs 124 for remote decryption and viewing.
After the subscriber has purchased and installed the host IRD 124 and associated hardware, the subscriber supplies a unique identifier (such as a serial number) for the host IRD 124 to the service provider. The unique identifier is itself uniquely associated with a secret receiver key (RK). This association is implemented in the IRD 124 itself, and is known to the service provider. Thereafter, the service provider determines a pairing key (PK), also designated as a host pairing key PKH, that will be used to encrypt communications between the CAM 414 and the IRD 124.
The PK is then encrypted by the service provider using the RK, to produce an encrypted PK, denoted ER(PK), wherein the ER( ) indicates that RK encryption is used and the PK indicates that the PK is encrypted. A message for the CAM 414 comprising the PK and the ER(PK) is generated by the service provider, and the message is encrypted using a conditional access message encryption algorithm to produce EM(PK, ER(PK)), wherein the EM( ) indicates that conditional access message encryption is used and the PK, ER(PK) indicates that the PK, ER(PK) is encrypted.
The EM(PK, ER(PK)) is then transmitted from the service provider to the host IRD 124 where it is received by the tuner 400 and TDM 402 (500). The TDM 402 routes data packets with the encrypted message EM(PK, ER(PK)) to the CAM 414 for decryption.
In the CAM 414, the EM(PK,ER(PK)) is decrypted by a message decryption algorithm (EM DECR) 502 to produce the decrypted PK, which is stored in a secure memory 504 in the CAM 414.
The ER(PK) is provided from the CAM 414 to the TDM 402, and since it is encrypted using the RK, it is not exposed in plaintext. (In the preferred embodiment, ER(PK) is delivered to the TDM 402 via the CAM 414, but alternative embodiments might deliver ER(PK) directly to the TDM 402.)
In the TDM 402, the ER(PK) is decrypted by an Advanced Encryption Standard (AES) decryption algorithm (AES DECR) 506 using the RK 508 to produce the decrypted PK, which is then stored in a secure memory 510. This PK, now stored in both the IRD 124 and the CAM 414, is used to encrypt communications between the CAM 414 and the IRD 124, as desired.
For example, using the PK stored in 504, the CAM 414 encrypts the CW to produce EPK(CW), wherein the EPK( ) indicates that PK encryption is used and the CW indicates that the CW is encrypted. The TDM 402 decrypts the EPK(CW) received from the CAM 414 using the PK stored in 510. Since the EPK(CW) can only be decrypted by an IRD 124 that contains the appropriate PK, this cryptographically binds (“pairs”) the CAM 414 and the host IRD 124.
The present invention also provides for pairing between a host IRD 124 and one or more client IRDs 124, to ensure that program materials are never shared between the host IRD 124 and client IRDs 124 in plaintext. The pairing of the host IRD 124 and client. IRDs 124 is accomplished by the use of the pairing key (PK), also designated as a client pairing key PKC.
In one embodiment, the PKC may be the same as the pairing key used to operatively pair the host IRD 124 and the CAM 414, namely the host pairing key PKH, and in such circumstances is simply designated as the pairing key PK. In another embodiment, the PKC may be different from the host pairing key PKH used to operatively pair the host IRD 124 and the CAM 414. Both embodiments are described in more detail below.
As noted above, the subscriber supplies a unique identifier (such as a serial number) for the host IRD 124 to the service provider, wherein the unique identifier is associated with a secret receiver key (RK), wherein the association is implemented in the IRD 124 itself and is known to the service provider.
After activating the host IRD 124, the subscriber can request the activation of additional client IRDs 124 using the same method. Consequently, the service provider would determine the RK for each of the client IRDs 124 as well.
Thereafter, the service provider establishes the PKC for a particular combination of host and client IRDs 124. Preferably, the service provider encrypts the PKC, using an Advanced Encryption Standard (AES) encryption algorithm, with RKH, the RK of the host IRD 124, and RKC, the RK of the client IRD 124, thereby creating two ER(PKC) messages containing the encrypted PKC, i.e., ERH(PKC) for the host IRD 124 and ERC(PKC) for the client IRD 124.
The service provider transmits one or more messages to the host IRD 124, as represented by 600, using an ID for the CAM 414 of the host IRD 124 for over-the-air addressing of the message, and specifying both a Host ID (HID) and a Client ID (CLID), wherein the CLID identifies the client IRDs 124 to the host IRD 124. These messages contain the encrypted PKC, and are then stored on disk drive 418 or other non-volatile memory in the host IRD 124.
Any number of such encrypted versions of the PKC can be stored in the host IRD 124. For example, there may be a different PKC for each pairing of a client IRD 124 networked with the host IRD 124. On the other hand, a host IRD 124 may share the same PKC with all the client IRDs 124. Moreover, the PKC shared with all the client IRDs 124 may itself be the PKH.
Preferably, the host IRD 124 receives both of the ERH(PKC) and ERC(PKC) messages off-air and, at some later time, the ERC(PKC) for the client IRD 124 is obtained by the client IRD 124 from the host IRD 124. This may occur, for example, when a client IRD 124 is activated or powered up.
In the host and client IRDs 124, the ER(PKC) (which is either the ERH(PKC) or ERC(PKC)) is decrypted by an AES decryption algorithm (AES DECR) 602 in the TDM 402 using the appropriate RK 604 (which is either the RKH or RKC), and the decrypted PKC is stored in a secure memory 606 in the host and client IRDs 124.
Consequently, the service provider, through the assignment of the PKC, establishes a pairing relationship between the host IRD 124 and one or more client IRDs 124 forming a network, so that the program materials are shared in secure manner within the network.
In the preferred embodiment of
In the portion of
The unencrypted CW is then re-encrypted by the CAM 414 using an AES encryption algorithm (AES ENCR) 706 with the PK 708 stored in the CAM 414 to produce a re-encrypted media encryption key EPK(CW).
The re-encrypted media encryption key EPK(CW) is provided to the TDM 402, where it is decrypted by an AES decryption algorithm (AES DECR) 710 using the PK 712 stored in the TDM 402, in order to obtain the unencrypted media encryption key CW.
The unencrypted CW is then stored in a CW storage 714, and used when necessary by a Data Encryption Standard (DES) decryption algorithm (DES DECR) 716 to decrypt the program material, so that the decrypted program materials can be displayed on a monitor 420, stored on a disk drive 418, etc.
The re-encrypted media encryption key EPK(CW) is also transmitted via 718 from the host IRD 124 to the client IRD 124. Since the program materials are encrypted with the CW, the client IRD 124 must be able to receive the CW from the host IRD 124 in a secure manner.
In the portion of
After the CW is decrypted by the AES decryption algorithm 720, the CW is then stored in the CW storage 724 of the TDM 402 in the client IRD 124. Thereafter, the CW is retrieved from the CW storage 724 for use in decrypting the encrypted program materials by a DES decryption algorithm (DES DECR) 726, wherein the program materials are transferred 728 from the host IRD 124 to the client IRD 124 without being decrypted at the host IRD 124. The client IRD 124 can then display the decrypted program materials on a presentation device 420 coupled to the client IRD 124.
In an alternative embodiment of
In the embodiment of
In the portion of
The unencrypted CW is then re-encrypted by the CAM 414 by an AES encryption algorithm (AES ENCR) 736 using the PK of the host IRD 124 stored in the CAM 414, which is designated PKH 738, to produce a re-encrypted media encryption key EPKH(CW).
The re-encrypted media encryption key EPKH(CW) is provided to the TDM 402 in the host IRD 124, where it is decrypted by an AES decryption algorithm (AES DECR) 740 using the PK of the host IRD 124 stored in the TDM 402, which is designated PKH 742, in order to obtain the unencrypted media encryption key CW. The unencrypted CW is then stored in a CW storage 744, and used when necessary by a DES decryption algorithm (DES DECR) 746 to decrypt the program material, so that the program materials can be displayed on a monitor 420, stored on a disk drive 418, etc.
Since the program materials are encrypted with the CW, the client IRD 124 must be able to receive the CW from the host IRD 124 in a secure manner. To accomplish this task, the CW is encrypted in the host IRD 124 by an AES encryption algorithm (AES ENCR) 748 using the PK of the client IRD 124 also stored in the TDM 402, which is designated PKC 750, to produce an EPKC(CW).
In the portion of
After the CW is decrypted by the AES decryption algorithm 754, the CW is then stored in the CW storage 758 of the TDM 402 in the client IRD 124. Thereafter, the CW is retrieved from the CW storage 758 of the TDM 402 for use in decrypting the program materials by a DES decryption algorithm (DES DECR) 760, wherein the program materials are transferred in a datastream 762 from the host IRD 124 to the client IRD 124 without being decrypted. The client IRD 124 can then display the decrypted program materials on a presentation device 420 coupled to the client IRD 124.
In the above embodiments, the program materials received by the host IRD 124 are simply relayed to the client IRD 124, with minimal processing by the host IRD 124. The program materials are only encrypted once, by the service provider, and are delivered to the client IRD 124 only in encrypted form, together with the CW necessary to decrypt the program materials.
It should be noted that the datastream received by the host IRD 124 generally includes a number of multiplexed program materials from a number of program sources. In some embodiments, the received datastream is forwarded to the client IRD 124, and the client TDM 402 extracts the packets according to the desired program materials, before decryption. In other embodiments, the TDM 402 of the host IRD 124 may fully or partially extract the desired program materials from the received datastream, to reduce the transmission data-rate of the datastream transferred from the host IRD 124 to the client IRD 124.
It should also be noted that the above description applies for immediate viewing as well as for delayed viewing of the program materials by the client IRD 124. For delayed viewing, the transferred datastream and encrypted media encryption keys or re-encrypted media encryption keys may be stored in a large capacity storage system, such as a disk drive 418, at the host IRD 124, or at a centralized home media storage subsystem 418, and then forwarded to the client IRD 124 when requested for viewing. For example, the transferred datastream and encrypted media encryption keys may be stored on the disk drive 418 until the program materials are requested, at which point the encrypted media encryption keys are decrypted by the CAM 414 and re-encrypted for delivery to the client IRD 124, as well as stored on the disk drive 418 for future use or replaying of the program materials by the host or client IRDs 124.
In these embodiments, no CAM 414 is required on the client IRD 124, since the client IRD 124 obtains the CW necessary for decrypting the program materials from the host IRD 124 in a secure manner. Also, since the client IRD 124 does not need to receive program materials from an off-air signal, no tuner is required in the client IRD 124. Finally, no disk drive 418 is required in the client IRD 124, since client IRDs 124 may use the disk drive 418 of the host IRD 124 as a “virtual” disk. All of this leads to greatly reduced cost of the client IRDs 124.
On the other hand, because of the need to secure the program materials when they are transmitted over the network, the client IRD 124 requires certain decryption circuitry and secure key storage, which will generally be included in a single integrated circuit. Since similar circuitry is used in the host IRD 124, it is cost effective to produce and personalize a standard integrated circuit that will be used in host and client IRDs 124, rather than different integrated circuits for each type of IRD 124. In this case, the client IRD 124 may cost effectively contain the circuitry that performs the decryption, decoding and/or demultiplexing of the program materials. Rather than burden the host IRD 124 with the role of performing these functions for all client IRDs 124, which may lead to a bottleneck in the host IRD 124, the client IRD 124 performs these functions in the present invention. This architecture enables a host IRD 124 to support a larger number of client IRDs 124.
Note that one of the advantages to the embodiments having different values of PKH and PKC is that it allows the service provider and host IRD 124 to control which of the client IRDs 124 receives the program materials. This could be an advantage if the service provider wishes to have several tiers of services for the client IRDs 124. This could also allow subscribers to selectively control which program materials are distributed to which client IRD 124 if limits, either rating or spending, are to be set. Also, if a client IRD 124 is suspected of not being in the location indicated or is being used for pirating purposes, the distribution of program materials to that client IRD 124 could be terminated without disrupting services to other client IRDs 124 in the network. The disadvantage of this system would be the number of keys that would be required for each pairing and the bookkeeping of all of these keys. Both of these issues are not serious and could be overcome by careful system planning, if necessary. However, in most applications, the simpler embodiment of
The foregoing description of the preferred embodiment of the invention has been presented for the purposes of illustration and description. It is not intended to be exhaustive or to limit the invention to the precise form disclosed. Many modifications and variations are possible in light of the above teaching.
For example, while the foregoing disclosure presents an embodiment of the present invention as it is applied to a direct broadcast satellite system, the present invention can be applied to any system that uses encryption. Moreover, although the present invention is described in terms of specific encryption and decryption schemes, it could also be applied to other encryption and decryption schemes, or to different uses of the specific encryption and decryption schemes. Finally, although specific hardware, software and logic is described herein, those skilled in the art will recognize that other hardware, software or logic may accomplish the same result, without departing from the scope of the present invention.
It is intended that the scope of the invention be limited not by this detailed description, but rather by the claims appended hereto. The above specification, examples and data provide a complete description of the manufacture and use of the composition of the invention. Since many embodiments of the invention can be made without departing from the spirit and scope of the invention, the invention resides in the claims hereinafter appended.
| Number | Name | Date | Kind |
|---|---|---|---|
| 4613901 | Gilhousen et al. | Sep 1986 | A |
| 4633309 | Li et al. | Dec 1986 | A |
| 4675732 | Oleson | Jun 1987 | A |
| 4694490 | Harvey et al. | Sep 1987 | A |
| 4866769 | Karp | Sep 1989 | A |
| 4866787 | Olesen | Sep 1989 | A |
| 5033084 | Beecher | Jul 1991 | A |
| 5132992 | Yurt et al. | Jul 1992 | A |
| 5168353 | Walker et al. | Dec 1992 | A |
| 5172413 | Bradley et al. | Dec 1992 | A |
| 5199066 | Logan | Mar 1993 | A |
| 5301245 | Endoh | Apr 1994 | A |
| 5301352 | Nakagawa et al. | Apr 1994 | A |
| 5335277 | Harvey et al. | Aug 1994 | A |
| 5357276 | Banker et al. | Oct 1994 | A |
| 5371551 | Logan et al. | Dec 1994 | A |
| 5386587 | Yuzawa | Jan 1995 | A |
| 5396293 | Shellard | Mar 1995 | A |
| 5421031 | De Bey | May 1995 | A |
| 5438423 | Lynch et al. | Aug 1995 | A |
| 5440336 | Buhro et al. | Aug 1995 | A |
| 5481609 | Cohen et al. | Jan 1996 | A |
| 5495531 | Smiedt | Feb 1996 | A |
| 5506902 | Kubota | Apr 1996 | A |
| 5557541 | Schulhof et al. | Sep 1996 | A |
| 5565805 | Nakagawa et al. | Oct 1996 | A |
| 5583937 | Ullrich et al. | Dec 1996 | A |
| 5586264 | Belknap et al. | Dec 1996 | A |
| 5592551 | Lett et al. | Jan 1997 | A |
| 5592651 | Rackman | Jan 1997 | A |
| 5594491 | Hodge et al. | Jan 1997 | A |
| 5619247 | Russo | Apr 1997 | A |
| 5640453 | Schuchman et al. | Jun 1997 | A |
| 5642418 | Farris et al. | Jun 1997 | A |
| 5663896 | Aucsmith | Sep 1997 | A |
| 5675390 | Schindler et al. | Oct 1997 | A |
| 5677895 | Mankovitz | Oct 1997 | A |
| 5701383 | Russo et al. | Dec 1997 | A |
| 5701582 | De Bey | Dec 1997 | A |
| 5710970 | Walters et al. | Jan 1998 | A |
| 5715315 | Handelman | Feb 1998 | A |
| 5715403 | Stefik | Feb 1998 | A |
| 5721829 | Dunn et al. | Feb 1998 | A |
| 5724646 | Ganek et al. | Mar 1998 | A |
| 5729280 | Inoue et al. | Mar 1998 | A |
| 5734853 | Hendricks et al. | Mar 1998 | A |
| 5748732 | Le Berre et al. | May 1998 | A |
| 5761302 | Park | Jun 1998 | A |
| 5764762 | Kazmierczak et al. | Jun 1998 | A |
| 5784095 | Robbins et al. | Jul 1998 | A |
| 5790663 | Lee et al. | Aug 1998 | A |
| 5790783 | Lee et al. | Aug 1998 | A |
| 5793971 | Fujita et al. | Aug 1998 | A |
| 5805699 | Akiyama et al. | Sep 1998 | A |
| 5826165 | Echeita et al. | Oct 1998 | A |
| 5831664 | Wharton et al. | Nov 1998 | A |
| 5845240 | Fielder | Dec 1998 | A |
| 5848158 | Saito et al. | Dec 1998 | A |
| 5850218 | LaJoie et al. | Dec 1998 | A |
| 5864747 | Clark et al. | Jan 1999 | A |
| 5867207 | Chaney et al. | Feb 1999 | A |
| 5899582 | DuLac | May 1999 | A |
| 5912969 | Sasamoto et al. | Jun 1999 | A |
| 5914941 | Janky | Jun 1999 | A |
| 5926205 | Krause et al. | Jul 1999 | A |
| 5930215 | Fite et al. | Jul 1999 | A |
| 5933500 | Blatter et al. | Aug 1999 | A |
| 5936660 | Gurantz | Aug 1999 | A |
| 5937067 | Thatcher et al. | Aug 1999 | A |
| 5953418 | Bock et al. | Sep 1999 | A |
| 5966186 | Shigihara et al. | Oct 1999 | A |
| 5973756 | Erlin | Oct 1999 | A |
| 5978649 | Kahn | Nov 1999 | A |
| 5999628 | Chan | Dec 1999 | A |
| 5999629 | Heer et al. | Dec 1999 | A |
| 6005937 | Lee | Dec 1999 | A |
| 6011511 | Chuong et al. | Jan 2000 | A |
| 6025868 | Russo | Feb 2000 | A |
| 6055314 | Spies et al. | Apr 2000 | A |
| 6055566 | Kikinis | Apr 2000 | A |
| 6061451 | Muratani et al. | May 2000 | A |
| 6061452 | Suzuki | May 2000 | A |
| 6069647 | Sullivan et al. | May 2000 | A |
| 6072873 | Bewick | Jun 2000 | A |
| 6072982 | Haddad | Jun 2000 | A |
| 6075330 | Terk | Jun 2000 | A |
| 6091883 | Artigalas et al. | Jul 2000 | A |
| 6097441 | Allport | Aug 2000 | A |
| 6105134 | Pinder et al. | Aug 2000 | A |
| 6144400 | Ebisawa | Nov 2000 | A |
| 6148081 | Szymanski et al. | Nov 2000 | A |
| 6154206 | Ludtke | Nov 2000 | A |
| 6157719 | Wasilewski et al. | Dec 2000 | A |
| 6157949 | Cheng et al. | Dec 2000 | A |
| 6169879 | Perlman | Jan 2001 | B1 |
| 6202211 | Williams, Jr. | Mar 2001 | B1 |
| 6229895 | Son et al. | May 2001 | B1 |
| 6240401 | Oren et al. | May 2001 | B1 |
| 6263504 | Ebisawa | Jul 2001 | B1 |
| 6266481 | Lee et al. | Jul 2001 | B1 |
| 6286142 | Ehreth | Sep 2001 | B1 |
| 6288716 | Humpleman et al. | Sep 2001 | B1 |
| 6289455 | Kocher et al. | Sep 2001 | B1 |
| 6317883 | Marics | Nov 2001 | B2 |
| 6317884 | Eames et al. | Nov 2001 | B1 |
| 6370688 | Hejna, Jr. | Apr 2002 | B1 |
| 6381747 | Wonfor et al. | Apr 2002 | B1 |
| 6398245 | Gruse et al. | Jun 2002 | B1 |
| 6405372 | Kim et al. | Jun 2002 | B1 |
| 6415031 | Colligan et al. | Jul 2002 | B1 |
| 6437836 | Huang et al. | Aug 2002 | B1 |
| 6456985 | Ohtsuka | Sep 2002 | B1 |
| 6466671 | Maillard et al. | Oct 2002 | B1 |
| 6466921 | Cordery et al. | Oct 2002 | B1 |
| 6473858 | Shimomura et al. | Oct 2002 | B1 |
| 6476825 | Croy et al. | Nov 2002 | B1 |
| 6480667 | O'Connor | Nov 2002 | B1 |
| 6487663 | Jaisimha et al. | Nov 2002 | B1 |
| 6487722 | Okura et al. | Nov 2002 | B1 |
| 6496980 | Tillman et al. | Dec 2002 | B1 |
| 6502139 | Birk et al. | Dec 2002 | B1 |
| 6510519 | Wasilewski et al. | Jan 2003 | B2 |
| 6516465 | Paskins | Feb 2003 | B1 |
| 6519693 | De Bey | Feb 2003 | B1 |
| 6519772 | Bopardikar | Feb 2003 | B1 |
| 6530085 | Perlman | Mar 2003 | B1 |
| 6542870 | Matsumoto | Apr 2003 | B1 |
| 6550011 | Sims, III | Apr 2003 | B1 |
| 6560340 | Akins et al. | May 2003 | B1 |
| 6574609 | Downs et al. | Jun 2003 | B1 |
| 6588017 | Calderone | Jul 2003 | B1 |
| 6611812 | Hurtado et al. | Aug 2003 | B2 |
| 6637027 | Breslauer et al. | Oct 2003 | B1 |
| 6654547 | Maeda et al. | Nov 2003 | B1 |
| 6655580 | Ergo et al. | Dec 2003 | B1 |
| 6681326 | Son et al. | Jan 2004 | B2 |
| 6697489 | Candelore | Feb 2004 | B1 |
| 6741834 | Godwin | May 2004 | B1 |
| 6745245 | Carpenter | Jun 2004 | B1 |
| 6748080 | Russ et al. | Jun 2004 | B2 |
| 6772434 | Godwin | Aug 2004 | B1 |
| 6804357 | Ikonen et al. | Oct 2004 | B1 |
| 6853728 | Kahn et al. | Feb 2005 | B1 |
| 6889208 | Okabe et al. | May 2005 | B1 |
| 6904522 | Benardeau et al. | Jun 2005 | B1 |
| 6934963 | Reynolds et al. | Aug 2005 | B1 |
| 6961858 | Fransdonk | Nov 2005 | B2 |
| 6993499 | Gagnon et al. | Jan 2006 | B2 |
| 7035827 | Ezaki | Apr 2006 | B2 |
| 7093295 | Saito | Aug 2006 | B1 |
| 7177911 | deCarmo | Feb 2007 | B2 |
| 7191155 | Maruyama et al. | Mar 2007 | B2 |
| 7191335 | Maillard | Mar 2007 | B1 |
| 7228439 | Sasselli | Jun 2007 | B2 |
| 7406618 | Van Rijnsoever et al. | Jul 2008 | B2 |
| 20010001876 | Morgan et al. | May 2001 | A1 |
| 20010017920 | Son et al. | Aug 2001 | A1 |
| 20010046299 | Wasilewski et al. | Nov 2001 | A1 |
| 20010053979 | Kori | Dec 2001 | A1 |
| 20020001386 | Akiyama | Jan 2002 | A1 |
| 20020021805 | Schumann et al. | Feb 2002 | A1 |
| 20020023219 | Treffers et al. | Feb 2002 | A1 |
| 20020048367 | Maillard | Apr 2002 | A1 |
| 20020056112 | Dureau et al. | May 2002 | A1 |
| 20020094084 | Wasilewski et al. | Jul 2002 | A1 |
| 20020101991 | Bacon et al. | Aug 2002 | A1 |
| 20020112243 | Hunter et al. | Aug 2002 | A1 |
| 20020116705 | Perlman et al. | Aug 2002 | A1 |
| 20020162104 | Raike et al. | Oct 2002 | A1 |
| 20020170054 | Kudelski et al. | Nov 2002 | A1 |
| 20020170072 | Lundbald et al. | Nov 2002 | A1 |
| 20020196374 | Barry et al. | Dec 2002 | A1 |
| 20030026428 | Loisel | Feb 2003 | A1 |
| 20030040962 | Lewis | Feb 2003 | A1 |
| 20030061477 | Kahn et al. | Mar 2003 | A1 |
| 20030097622 | Liu et al. | May 2003 | A1 |
| 20030105718 | Hurtado et al. | Jun 2003 | A1 |
| 20030110132 | Sako | Jun 2003 | A1 |
| 20030145183 | Muehring | Jul 2003 | A1 |
| 20030174844 | Candelore | Sep 2003 | A1 |
| 20030196113 | Brown et al. | Oct 2003 | A1 |
| 20030208771 | Hensgen et al. | Nov 2003 | A1 |
| 20030228911 | Dernis et al. | Dec 2003 | A1 |
| 20040068747 | Robertson et al. | Apr 2004 | A1 |
| 20050050333 | Yeap et al. | Mar 2005 | A1 |
| 20050144248 | Doganowski et al. | Jun 2005 | A1 |
| 20050235361 | Alkove et al. | Oct 2005 | A1 |
| 20060168663 | Viljoen et al. | Jul 2006 | A1 |
| 20060179489 | Mas Ribes | Aug 2006 | A1 |
| Number | Date | Country |
|---|---|---|
| 0677949 | Oct 1995 | EP |
| 710017 | May 1996 | EP |
| 0936812 | Aug 1999 | EP |
| 0 975165 | Jan 2000 | EP |
| 0975165 | Jan 2000 | EP |
| 0989557 | Mar 2000 | EP |
| 0989557 | Mar 2000 | EP |
| 1122910 | Aug 2001 | EP |
| 1156676 | Nov 2001 | EP |
| 1304871 | Apr 2003 | EP |
| 1369152 | Dec 2003 | EP |
| 2272822 | May 1994 | GB |
| 2354392 | Mar 2001 | GB |
| 06351023 | Dec 1994 | JP |
| 8287014 | Nov 1996 | JP |
| 11136708 | May 1999 | JP |
| 2000122933 | Apr 2000 | JP |
| WO 9211713 | Jul 1992 | WO |
| 9907150 | Feb 1999 | WO |
| 9909743 | Feb 1999 | WO |
| WO 9918729 | Apr 1999 | WO |
| 0008909 | Feb 2000 | WO |
| WO 0013412 | Mar 2000 | WO |
| WO 0014967 | Mar 2000 | WO |
| WO 0019294 | Apr 2000 | WO |
| WO 0122724 | Mar 2001 | WO |
| WO 0137546 | May 2001 | WO |
| WO 0143444 | Jun 2001 | WO |
| WO 0165762 | Sep 2001 | WO |
| WO 0199422 | Dec 2001 | WO |
| WO 0215184 | Feb 2002 | WO |
| WO 02065720 | Aug 2002 | WO |
| Number | Date | Country | |
|---|---|---|---|
| 20070258596 A1 | Nov 2007 | US |
