Method and system providing scrambled content

Abstract
A method of providing scrambled data includes providing a stream of data units based on a sequence of clear data units by at least subjecting at least part of at least some of the clear data units to a cryptographic operation employing a first encryption key which forms a key pair with a corresponding first decryption key, such that a first section of the stream of data units includes data units including cryptograms obtained using a first value of the first encryption key, and such that a second section includes data units including cryptograms obtained using a second value of the first encryption key, and by associating data units with scrambling state identifying data for indicating a state of scrambling applicable to the associated data unit. The method further includes providing a stream of key messages, each carrying at least key information enabling an authorised decoder to obtain a value of the first decryption key, the stream of key messages and stream of data units being synchronised, associating each data unit including a cryptogram obtained using any value of the first encryption key with scrambling state identifying data including an identifier value associated with the first decryption key, associating data units in a third section, separating the first and second sections, with scrambling state identifying data lacking an identifier value associated with the first decryption key, and providing in at least one key message coinciding with one of the first and third sections key information enabling an authorised decoder to obtain a value of the first decryption key corresponding with the second value of the first encryption key. Subjection of at least part of the clear data units to the cryptographic operation employing the first encryption key is suspended for each data unit in the sequence included in the third section.
Description

BRIEF DESCRIPTION OF THE DRAWINGS

Example embodiments will now be explained in further detail with reference to the accompanying drawings, in which:

FIG. 1 is a diagram showing a head-end from which to provide scrambled data in schematic fashion;

FIG. 2 is a diagram showing part of a hypothetical stream of transport stream packets to illustrate a first embodiment of an example embodiment;

FIG. 3 is a diagram showing part of a hypothetical stream of transport stream packets to illustrate a second embodiment of an example embodiment;

FIG. 4 is a diagram showing part of a hypothetical stream of transport stream packets to illustrate a third embodiment of an example embodiment; and

FIG. 5 is a schematic diagram of a system including a secure decryption module and a decoder.


Claims
  • 1. A method of providing scrambled data, including providing a stream of data units based on a sequence of clear data units by at least subjecting at least part of at least some of the clear data units to a cryptographic operation employing a first encryption key which forms a key pair with a corresponding first decryption key, such that a first section of the stream of data units includes data units including cryptograms obtained using a first value of the first encryption key, and such that a second section includes data units including cryptograms obtained using a second value of the first encryption key, and by associating data units with scrambling state identifying data for indicating a state of scrambling applicable to the associated data unit, which method further includes providing a stream of key messages, each carrying at least key information enabling an authorised decoder to obtain a value of the first decryption key, the stream of key messages and stream of data units being synchronised, associating each data unit including a cryptogram obtained using any value of the first encryption key with scrambling state identifying data including an identifier value associated with the first decryption key, associating data units in a third section, separating the first and second sections, with scrambling state identifying data lacking an identifier value associated with the first decryption key, and providing in at least one key message coinciding with one of the first and third sections key information enabling an authorised decoder to obtain a value of the first decryption key corresponding with the second value of the first encryption key, wherein suspending subjection of at least part of the clear data units to the cryptographic operation employs the first encryption key for each data unit in the sequence included in the third section.
  • 2. A method according to claim 1, including subjecting at least part of at least some of the clear data units to a cryptographic operation employing a second encryption key, which forms a key pair with a corresponding second decryption key.
  • 3. A method according to claim 2, wherein the stream of data units is partitioned in sections corresponding to control word periods, at least part of at least one of the data units in each section corresponding to a control word period is obtained by subjecting at least part of a clear data unit to the cryptographic operation employing the second encryption key, wherein a different value of the second encryption key is used for each control word period, and wherein key information enabling an authorised decoder to obtain a value of the second decryption key corresponding to a value of the second encryption key used for a particular control word period is provided in one of the stream of key messages coinciding with a section preceding the section of the stream of data units corresponding to the particular control word period.
  • 4. A method according to claim 3, wherein, for each two consecutive control word periods, scrambling state identifying data including one of at least two values associated with the second decryption key is associated with each data unit obtained by subjecting at least part of a clear data unit to the cryptographic operation employing the second encryption key in a section of the stream of data units corresponding to a first of the two consecutive control word periods, and wherein scrambling state identifying data including a different one of the values associated with the second decryption key is associated with each data unit obtained by subjecting at least part of a clear data unit to the cryptographic operation employing the second encryption key in a section of the stream of data units corresponding to the second of the two consecutive control word periods.
  • 5. A method according to claim 2, wherein at least one key message in the stream of key messages carries key information enabling an authorised decoder to obtain a value of the first decryption key and a value of the second decryption key.
  • 6. A method according to claim 2, wherein each clear data unit is subjected to at most only one of the cryptographic operation employing the first encryption key and the cryptographic operation employing the second encryption key.
  • 7. A method according to claim 1, wherein the stream of data units is provided as a multiplex of at least two streams of transport stream packets, each transport stream packet including a header and a payload, wherein each header includes a transport stream identifier, and wherein the identifier value associated with the first decryption key is constituted by a first value of the transport stream identifier.
  • 8. A system for providing scrambled data, including an input for receiving a stream of clear data, an output for providing a stream of data units based on the clear data, at least a first cryptographic system for applying a cryptographic operation employing a first encryption key forming a key pair with a corresponding first decryption key to at least part of a data unit, a control system for providing at least some data units in a first section of the stream of clear data for inclusion in a first section of the stream of data units to the first cryptographic system with a first value of the first encryption key, and for providing at least some data units in a second section of the stream of clear data for inclusion in a second section of the stream of data units to the first cryptographic system with a second value of the first encryption key, a system for providing a stream of key messages carrying key information enabling an authorised decoder to obtain values of the first decryption key, and a system for synchronising provision of the stream of key messages and of the stream of data units to an authorised decoder, wherein the system is arranged to associate scrambling state identifying data including an identifier value associated with the first decryption key with each data unit obtained by applying the cryptographic operation employing the first encryption key, to associate data units in a third section of the stream of data units separating the first and second section with scrambling state identifying data lacking an identifier value associated with the first decryption key, and to include in the stream of key messages at least one key message coinciding with one of the first and third sections and carrying key information enabling an authorised decoder to obtain the second value of the first decryption key, wherein the control system is arranged to suspend application of the cryptographic operation employing the first encryption key to any parts of clear data units in a third section of the stream of clear data corresponding to the third section of the stream of data units.
  • 9. A system according to claim 8, arranged to carry out a method including providing a stream of data units based on a sequence of clear data units by at least subjecting at least part of at least some of the clear data units to a cryptographic operation employing a first encryption key which forms a key pair with a corresponding first decryption key, such that a first section of the stream of data units includes data units including cryptograms obtained using a first value of the first encryption key, and such that a second section includes data units including cryptograms obtained using a second value of the first encryption key, and by associating data units with scrambling state identifying data for indicating a state of scrambling applicable to the associated data unit, which method further includes providing a stream of key messages, each carrying at least key information enabling an authorised decoder to obtain a value of the first decryption key, the stream of key messages and stream of data units being synchronised, associating each data unit including a cryptogram obtained using any value of the first encryption key with scrambling state identifying data including an identifier value associated with the first decryption key, associating data units in a third section, separating the first and second sections, with scrambling state identifying data lacking an identifier value associated with the first decryption key, and providing in at least one key message coinciding with one of the first and third sections key information enabling an authorised decoder to obtain a value of the first decryption key corresponding with the second value of the first encryption key, wherein suspending subjection of at least part of the clear data units to the cryptographic operation employs the first encryption key for each data unit in the sequence included in the third section.
  • 10. A method of decoding scrambled data, including obtaining a stream of data units associated with scrambling state identifying data for indicating a state of scrambling applicable to the associated data unit, obtaining a stream of key messages in synchronisation with the stream of data units, causing consecutive values of a first decryption key to be generated from respective sets of key information in at least some of the key messages in the stream of key messages, and subjecting at least a part of any data unit associated with scrambling state identifying data including a first identifier value to a cryptographic operation employing the first decryption key, wherein a value of the first decryption key maintained as a current value is applied, wherein when a set of key information for generating a new value of the first decryption key differing from the current value of the first decryption key is obtained, causing replacement of the value of the first decryption key maintained as current value of the first decryption key by the new value of the first decryption key, and subjecting at least parts of only data units associated with scrambling state identifying data including the first identifier value to the cryptographic operation employing the first decryption key.
  • 11. A method according to claim 10, including subjecting at least parts of data units associated with scrambling state identifying data including any of at least one identifier value associated with a second decryption key and different from the first identifier value to a cryptographic operation employing the second decryption key.
  • 12. A method according to claim 11, including obtaining a stream of data units which stream is partitioned into sections corresponding to control word periods, using a value of the second decryption key maintained as a current value of the second decryption key in the cryptographic operation employing the second decryption key, obtaining a new value of the second decryption key from key information in one of the stream of key messages, and replacing the current value of the second decryption by the new value of the second decryption key upon detecting a transition between control word periods, wherein the transition is detected by detecting a change from a first to a second identifier value associated with the second decryption key in the scrambling identifying data (18) associated with data units in the sections of the stream of data units corresponding to the control word periods.
  • 13. A method according to claim 11, wherein the second decryption key is obtained by obtaining a key message carrying encrypted key information and providing at least the encrypted key information to a secure decryption module arranged to return the second decryption key.
  • 14. A method according to claim 10, wherein a data unit is subjected to the cryptographic operation employing the first decryption key by providing at least part of that data unit to a secure decryption module and by providing the secure decryption module with at least one of the sets of key information in the key messages.
  • 15. A system for decoding scrambled data, including an interface for obtaining a stream of data units associated with scrambling state identifying data for indicating a state of scrambling applicable to the associated data unit, and for obtaining a stream of key messages synchronously with the stream of data units, wherein the system is arranged to obtain consecutive values of a first decryption key from respective sets of key information in at least some of the key messages in the stream of key messages, and wherein the system is further arranged to apply a decryption operation to at least parts of data units associated with scrambling state identifying data including a first identifier value using the first decryption key, wherein a value of the first decryption key maintained as a current value is applied, and wherein the system is arranged, when a new value of the first decryption key differing from the current value of the first decryption key is obtained, to replace the value of the first decryption key maintained as current value of the first decryption key by the new value of the first decryption key and to apply the decryption operation using the first decryption key only to data in data units associated with scrambling state identifying data including the first identifier value.
  • 16. A system according to claim 15, including a decoder arranged to carry out a method including obtaining a stream of data units associated with scrambling state identifying data for indicating a state of scrambling applicable to the associated data unit, obtaining a stream of key messages in synchronisation with the stream of data units, causing consecutive values of a first decryption key to be generated from respective sets of key information in at least some of the key messages in the stream of key messages, and subjecting at least a part of any data unit associated with scrambling state identifying data including a first identifier value to a cryptographic operation employing the first decryption key, wherein a value of the first decryption key maintained as a current value is applied, wherein, when a set of key information for generating a new value of the first decryption key differing from the current value of the first decryption key is obtained, causing replacement of the value of the first decryption key maintained as current value of the first decryption key by the new value of the first decryption key, and by subjecting at least parts of only data units associated with scrambling state identifying data including the first identifier value to the cryptographic operation employing the first decryption key.
  • 17. A computer program including a set of instructions capable, when incorporated in a machine readable medium, of causing a system having information processing capabilities to perform a method according to claim 1.
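
A toy model of the head-end of claim 1 and the decoder of claim 10, added here as an illustration and not taken from the patent. It shows how, in this model, the unscrambled third section absorbs the uncertainty in when the decoder replaces its current key. The XOR cipher (a symmetric stand-in, so encryption and decryption key values coincide), the `CLEAR`/`ID_KEY1` state encoding, the event tuples and the `latency` parameter are all assumptions.

```python
import hashlib

CLEAR, ID_KEY1 = 0, 1  # scrambling-state values (assumed encoding)

def toy_cipher(key, index, data):
    """Stand-in XOR stream cipher (its own inverse), not a real scrambler."""
    pad = hashlib.sha256(key + index.to_bytes(4, "big")).digest()
    return bytes(b ^ p for b, p in zip(data, pad))

def head_end(units, k_first, k_second, first_len, gap_len, key_msg_at):
    """Emit ('KEY', value) and ('DATA', state, index, payload) events: first_len
    units under k_first, gap_len clear units without the identifier, the rest
    under k_second; the k_second key message precedes unit key_msg_at."""
    events = [("KEY", k_first)]
    for i, unit in enumerate(units):
        if i == key_msg_at:
            events.append(("KEY", k_second))
        if i < first_len:
            events.append(("DATA", ID_KEY1, i, toy_cipher(k_first, i, unit)))
        elif i < first_len + gap_len:
            events.append(("DATA", CLEAR, i, unit))
        else:
            events.append(("DATA", ID_KEY1, i, toy_cipher(k_second, i, unit)))
    return events

def decoder(events, latency=0):
    """Replace the current key when new key information arrives (after
    `latency` data units, an assumed key-derivation delay) and decrypt only
    units whose scrambling state carries the identifier."""
    current, pending, wait, out = None, None, 0, []
    for ev in events:
        if ev[0] == "KEY":
            if ev[1] != current:
                pending, wait = ev[1], (latency if current else 0)
            continue
        if pending is not None and wait == 0:
            current, pending = pending, None
        elif pending is not None:
            wait -= 1
        _, state, index, payload = ev
        out.append(toy_cipher(current, index, payload)
                   if state == ID_KEY1 else payload)
    return out

def corrupted(gap_len, key_msg_at, latency):
    """Indices of units the decoder failed to recover (constructed sample)."""
    units = [f"unit-{i:02d}".encode() for i in range(12)]
    events = head_end(units, b"K-first", b"K-second", 5, gap_len, key_msg_at)
    got = decoder(events, latency)
    return [i for i, (a, b) in enumerate(zip(units, got)) if a != b]

if __name__ == "__main__":
    print(corrupted(gap_len=3, key_msg_at=4, latency=2))  # clear gap
    print(corrupted(gap_len=0, key_msg_at=4, latency=2))  # no gap
```

With a three-unit clear section, any key replacement that lands inside that section leaves every unit recoverable; without it, the same key message timing decrypts a unit under the wrong key value.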
Priority Claims (1)
Number Date Country Kind
06101704.2 Feb 2006 EP regional