US9270465B2ActiveUtilityA1

Control word protection

Assignee: ROELSE PETRUS LAMBERTUS ADRIANUSPriority: Dec 1, 2010Filed: Nov 30, 2011Granted: Feb 23, 2016
Est. expiryDec 1, 2030(~4.4 yrs left)· nominal 20-yr term from priority
H04L 9/3234H04L 63/061H04L 9/0825H04N 21/63345H04N 21/4181H04N 21/4623H04N 7/1675H04L 9/0894H04N 21/26606H04N 21/4367H04N 21/4405H04L 2209/60H04L 63/0853H04L 9/08H04N 21/8352H04L 9/0897H04L 9/0886H04L 9/0877H04L 9/40H04N 5/00H04N 7/167
57
PatentIndex Score
2
Cited by
16
References
20
Claims

Abstract

A method for securely obtaining a control word in a chip set of a receiver, said control word for descrambling scrambled content received by the receiver, the method comprising, at the chip set: receiving a secured version of a virtual control word from a conditional access/digital rights management client communicably connected to the chip set; obtaining the virtual control word from the secured version of the virtual control word; and using a first cryptographic function to produce a given output from an input that comprises the virtual control word and either a plurality of signature verification keys or one or more values derived from a plurality of signature verification keys, each signature verification key being associated with a conditional access/digital rights management system, the given output comprising at least one control word, wherein the first cryptographic function has the property that it is infeasible to determine a key pair including a signature key and a signature verification key and an input for the first cryptographic function comprising the determined signature verification key or one or more values derived, at least in part, from the determined signature verification key, such that the first cryptographic function produces the given output from the determined input.

Claims

exact text as granted — not AI-modified
The invention claimed is: 
     
       1. A method for securely obtaining a control word in a chip set of a receiver, said control word for descrambling scrambled content received by the receiver, the method comprising, at the chip set:
 receiving a secured version of a chip set load key, the chip set load key being secured to protect the confidentiality of the chip set load key and being secured using a signature key to protect the authenticity of the chip set load key; 
 obtaining the chip set load key from the secured version of the chip set load key, wherein said obtaining comprises using a signature verification key corresponding to the signature key to verify the authenticity of the chip set load key; 
 receiving a secured version of a virtual control word from a conditional access/digital rights management client communicably connected to the chip set; 
 using the chip set load key to obtain the virtual control word from the secured version of the virtual control word; and 
 using a first cryptographic function to produce a given output from an input; 
 wherein the input comprises:
 the virtual control word and 
 either a plurality of signature verification keys or one or more values derived from a plurality of signature verification keys, wherein each signature verification key is associated with a conditional access/digital rights management system, 
 
 wherein the given output comprises at least one control word; 
 wherein said signature verification key corresponding to the signature key used to verify the authenticity of the chip set load key is one of said plurality of signature verification keys; 
 wherein the first cryptographic function has the property that it is infeasible to determine (i) a key pair, the key pair including a signature key and a signature verification key, and (ii) an input for the first cryptographic function comprising the determined signature verification key or one or more values derived, at least in part, from the determined signature verification key, such that the first cryptographic function produces the given output from the determined input. 
 
     
     
       2. The method according to  claim 1 , comprising receiving and storing the signature verification keys of the plurality of signature verification keys, wherein said first cryptographic function is arranged to use said stored signature verification keys as a part of the input to the first cryptographic function. 
     
     
       3. The method according to  claim 1 , comprising:
 receiving the plurality of signature verification keys; 
 generating a derived value from the received plurality of signature verification keys; and 
 storing the generated derived value; 
 wherein said first cryptographic function is arranged to use said stored derived value as a part of the input to the first cryptographic function. 
 
     
     
       4. The method according to  claim 1 ,
 wherein the secured version of the virtual control word is a virtual control word encrypted using the chip set load key; and 
 wherein obtaining the virtual control word from the secured version of the virtual control word comprises using the chip set load key to decrypt the secured version of the virtual control word. 
 
     
     
       5. The method according to  claim 1 , wherein the secured version of the chip set load key comprises the chip set load key encrypted using a public key associated with the chip set and a signature based on the chip set load key using the signature key, wherein obtaining the chip set load key from the secured version of the chip set load key comprises:
 decrypting the encrypted chip set load key using a secret key associated with the chip set, the secret key corresponding to the public key associated with the chip set, and wherein said verifying the authenticity of the chip set load key comprises verifying the signature using the signature verification key corresponding to the signature key. 
 
     
     
       6. The method according to  claim 5 , comprising the chip set storing the chip set load key obtained from the secured version of the chip set load key so that the stored chip set load key can be used to decrypt secured versions of virtual control words received by the chip set. 
     
     
       7. The method according to  claim 6 , comprising:
 receiving the plurality of signature verification keys along with the secured version of the virtual control word; and 
 determining whether the signature based on the stored chip set load key was verified using one of the received signature verification keys and, if it is determined that the signature based on the stored chip set load key was not verified using one of the received signature verification keys, not using the stored chip set load key to decrypt the secured version of the virtual control word received by the chip set. 
 
     
     
       8. The method according to  claim 5 , in which the receiver is one receiver in a plurality of receivers, each receiver in the plurality of receivers having a corresponding chip set that has an associated secret key, wherein the secret keys associated with the chip sets of the receivers in the plurality of receivers are different from each other. 
     
     
       9. A method for providing a control word to a chip set of a receiver, the control word to enable the receiver to descramble scrambled content transmitted to the receiver, the method comprising:
 generating a virtual control word at a head-end system; 
 transmitting the virtual control word from the head-end system to a conditional access/digital rights management client via the receiver, wherein the conditional access/digital rights management client is communicably connected to the chip set; 
 transmitting to the chip set a secured version of a chip set load key, the chip set load key being secured to protect the confidentiality of the chip set load key, the chip set load key being secured using a signature key associated with a conditional access/digital rights management system to protect the authenticity of the chip set load key, the chip set load key to enable the receiver to access the virtual control word; 
 using a first cryptographic function to produce a given output from an input; 
 wherein the input comprises:
 the virtual control word and 
 either a plurality of signature verification keys or one or more values derived from a plurality of signature verification keys, wherein each signature verification key is associated with a conditional access/digital rights management system, 
 
 wherein the given output comprises at least one control word; 
 wherein the signature key used to secure the chip set load key thereby protecting the authenticity of the chip set load key corresponds to one of the plurality of signature verification keys; 
 wherein the first cryptographic function has the property that it is infeasible to determine (i) a key pair, the key pair including a signature key and a signature verification key, and (ii) an input for the first cryptographic function comprising the determined signature verification key or one or more values derived, at least in part, from the determined signature verification key, such that the first cryptographic function produces the given output from the determined input; 
 scrambling content using the control word to produce scrambled content; and 
 transmitting the scrambled content to the chip set. 
 
     
     
       10. The method according to  claim 9 , wherein the secured version of the chip set load key comprises the chip set load key encrypted using a public key associated with the chip set and a signature based on the chip set load key using the signature key. 
     
     
       11. The method according to  claim 9 , comprising transmitting the control word from the head-end system to a second conditional access/digital rights management client via a second receiver, wherein the second conditional access/digital rights management client is communicably connected to a second chip set of the second receiver. 
     
     
       12. The method according to  claim 9 , wherein at least two of the signature verification keys in the plurality of signature verification keys are associated with the same conditional access/digital rights management system. 
     
     
       13. The method according to  claim 9 , wherein at least two of the signature verification keys in the plurality of signature verification keys are associated with different conditional access/digital rights management systems. 
     
     
       14. The method according to  claim 9 , in which a derived value is produced by providing the plurality of signature verification keys to a second cryptographic function, wherein the second cryptographic function has the property that it is infeasible to generate a key pair including a signature key and a signature verification key and an input for the second cryptographic function comprising the generated signature verification key such that the second cryptographic function produces that derived value from the generated input. 
     
     
       15. The method according to  claim 9 , in which the one or more derived values comprise, for each signature verification key in the plurality of signature verification keys, a corresponding cryptographic hash value of that signature verification key. 
     
     
       16. A chip set, for a receiver, for securely obtaining a control word, said control word for descrambling scrambled content received by the receiver, the chip set arranged to carry out a method comprising:
 receiving a secured version of a chip set load key, the chip set load key being secured to protect the confidentiality of the chip set load key and being secured using a signature key to protect the authenticity of the chip set load key; 
 obtaining the chip set load key from the secured version of the chip set load key, wherein said obtaining comprises using a signature verification key corresponding to the signature key to verify the authenticity of the chip set load key; 
 receiving a secured version of a virtual control word from a conditional access/digital rights management client communicably connected to the chip set; 
 using the chip set load key to obtain the virtual control word from the secured version of the virtual control word; and 
 using a first cryptographic function to produce a given output from an input; 
 wherein the input comprises:
 the virtual control word and 
 either a plurality of signature verification keys or one or more values derived from a plurality of signature verification keys, wherein each signature verification key is associated with a conditional access/digital rights management system, 
 
 wherein the given output comprises at least one control word; 
 wherein said signature verification key corresponding to the signature key used to verify the authenticity of the chip set load key is one of said plurality of signature verification keys; 
 wherein the first cryptographic function has the property that it is infeasible to determine (i) a key pair, the key pair including a signature key and a signature verification key, and (ii) an input for the first cryptographic function comprising 
 
       the determined signature verification key or one or more values derived, at least in part, from the determined signature verification key, such that the first cryptographic function produces the given output from the determined input. 
     
     
       17. A system for providing a control word to a chip set of a receiver, the control word to enable the receiver to descramble scrambled content transmitted to the receiver, the system comprising:
 at least one processor; and 
 at least one memory coupled to the at least one processor and storing instructions, which when executed by the at least one processor cause the at least one processor to: 
 generate a virtual control word at a head-end system; 
 transmit the virtual control word from the head-end system to a conditional access/digital rights management client via the receiver, wherein the conditional access/digital rights management client is communicably connected to the chip set; 
 transmit to the chip set a secured version of a chip set load key, the chip set load key being secured to protect the confidentiality of the chip set load key, the chip set load key being secured using a signature key associated with a conditional access/digital rights management system to protect the authenticity of the chip set load key, the chip set load key to enable the receiver to access the virtual control word; 
 use a first cryptographic function to produce a given output from an input; 
 wherein the input comprises: 
 the virtual control word and 
 either a plurality of signature verification keys or one or more values derived from a plurality of signature verification keys, wherein each signature verification key is associated with a conditional access/digital rights management system, 
 wherein the given output comprises at least one control word; 
 wherein the signature key used to secure the chip set load key thereby protecting the authenticity of the chip set load key corresponds to one of the plurality of signature verification keys; 
 wherein the first cryptographic function has the property that it is infeasible to determine (i) a key pair, the key pair including a signature key and a signature verification key, and (ii) an input for the first cryptographic function comprising the determined signature verification key or one or more values derived, at least in part, from the determined signature verification key, such that the first cryptographic function produces the given output from the determined input; 
 scrambling content using the control word to produce scrambled content; and 
 transmitting the scrambled content to the chip set. 
 
     
     
       18. A receiver comprising the chip set according to  claim 16 . 
     
     
       19. A non-transitory computer readable medium having stored thereon instructions that, when executed by a chip set of a receiver, cause the chip set to carry out a method for securely obtaining a control word, said control word for descrambling scrambled content received by the receiver, the method comprising:
 receiving a secured version of a chip set load key, the chip set load key being secured to protect the confidentiality of the chip set load key and being secured using a signature key to protect the authenticity of the chip set load key; 
 obtaining the chip set load key from the secured version of the chip set load key, wherein said obtaining comprises using a signature verification key corresponding to the signature key to verify the authenticity of the chip set load key; 
 receiving a secured version of a virtual control word from a conditional access/digital rights management client communicably connected to the chip set; 
 using the chip set load key to obtain the virtual control word from the secured version of the virtual control word; and 
 using a first cryptographic function to produce a given output from an input; 
 wherein the input comprises:
 the virtual control word and 
 either a plurality of signature verification keys or one or more values derived from a plurality of signature verification keys, wherein each signature verification key is associated with a conditional access/digital rights management system, 
 
 wherein the given output comprises at least one control word; 
 wherein said signature verification key corresponding to the signature key used to verify the authenticity of the chip set load key is one of said plurality of signature verification keys; 
 wherein the first cryptographic function has the property that it is infeasible to determine (i) a key pair, the key pair including a signature key and a signature verification key, and (ii) an input for the first cryptographic function comprising 
 
       the determined signature verification key or one or more values derived, at least in part, from the determined signature verification key, such that the first cryptographic function produces the given output from the determined input. 
     
     
       20. A system comprising one or more chip sets according to  claim 16 .

Join the waitlist — get patent alerts

Track US9270465B2 — get alerts on status changes and closely related new filings.

We store only your email — no account needed. See our privacy policy.