Methods for decrypting, transmitting and receiving control words, recording medium and control word server to implement said methods

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to information decryption methods. The method comprises steps of, in response to the absence in any of the terminals of one or more control words CWc for decrypting one or more multimedia content cryptoperiods, transmitting through said terminal to a control word server a request containing a cryptogram(s) of said one or more absent control words, and in response, transmitting by the control word server to said terminal said one or more absent control words, wherein the control word server selectively determines for each terminal the number of additional control words CWs intended for transmission to the terminal depending on the probability of compromising the protection of said additional control words, and besides the absent control words CWc, transmitting to said terminal said determined number of additional control words CWs, which enables the terminal to decrypt additional multimedia content cryptoperiods in addition to cryptoperiods decrypted using the requested absent control words CWc.

EFFECT: ensuring secure transmission of control words.

10 cl, 6 dwg

 

The invention relates to a method of decrypting control words for terminals that are mechanically and electronically independent of one another. The invention also relates to a method of transmitting and a method of receiving control words for implementing this decryption method. The invention further relates to a data recording medium and a control word server for implementing these methods.

Methods of decrypting control words are known in which:

- in response to the absence in any one of the terminals of one or more control words CWc for decrypting one or more cryptoperiods of multimedia content, said terminal transmits to the control word server a request containing the cryptogram or cryptograms of said one or more missing control words, and

- in response, the control word server transmits to said terminal said one or more missing control words.

Multimedia content is understood to mean audio and/or visual content intended to be played back in a form directly perceivable and understandable by people. Typically, multimedia content corresponds to a sequence of images forming a film, a TV show or a commercial. Multimedia content can also be interactive content such as a game.

As is known, several multimedia contents can be broadcast simultaneously, each multimedia content being transmitted on its own channel. The channel used for transmitting multimedia content is also known as a "program". Typically, one channel corresponds to one television channel. This allows the user to select the multimedia content he wants to watch simply by switching channels.

To protect multimedia content and make its viewing subject to certain conditions, such as a paid subscription, the multimedia content is broadcast not in the clear but in encrypted form. In particular, each multimedia content is divided into a series of cryptoperiods. Throughout a cryptoperiod, the conditions of access to the encrypted multimedia content remain unchanged. In particular, throughout a cryptoperiod the multimedia content remains encrypted with the same control word. Typically, the control word changes from one cryptoperiod to the next. In addition, the control word is typically specific to a single multimedia content and is chosen randomly or pseudo-randomly. Thus, if N multimedia contents are being broadcast simultaneously on N channels at a given moment, there are N different and independent control words, each used to encrypt one of these multimedia contents.

In this case, the terms "encode/decode" and "encrypt/decrypt" can be regarded as synonyms.

Unencrypted multimedia content is the multimedia content before it is encrypted. It can be played back directly in human-readable form without any decryption operation and without its viewing being subject to certain conditions.

The control words required to decrypt the multimedia content are transmitted synchronously with the multimedia content. For example, the control word needed to decrypt the t-th cryptoperiod is received by each terminal during the (t-1)-th cryptoperiod. To this end, for example, the control words are multiplexed with the encrypted multimedia content.

To protect the transmission of control words, they are transmitted to the terminals in the form of cryptograms. Here, a cryptogram is understood to mean information that is not sufficient on its own to recover the control word in the clear. Thus, if the transmission of a control word is intercepted, knowing only the cryptogram of the control word does not make it possible to recover the control word that decrypts the multimedia content. To recover the control word in the clear, i.e. the control word that directly decrypts the multimedia content, the cryptogram must be combined with secret information. For example, the cryptogram of a control word is obtained by encrypting the clear control word with a cryptographic key. In this case, the secret information is the cryptographic key that makes it possible to decrypt this cryptogram. The cryptogram of a control word can also be a reference to a control word stored in a table containing a set of possible control words. In this case, the secret information is the table that associates a clear control word with each reference.

The secret information must be kept in a safe place. For this purpose it has been proposed to store the secret information:

- either in a secure processor, such as a chip card connected directly to each terminal,

- or, more recently, in a control word server common to several terminals.

In the latter case, the terminals do not have a chip card. These are referred to as cardless terminals.

The control word server is connected to each of the terminals through a long-distance data network, such as the Internet. When a control word server is used, the cryptograms of the control words are first transmitted to the various terminals, and these terminals then send them back to the control word server. This procedure has several advantages. In particular, the data network used to transmit the multimedia content and the cryptograms of the control words may differ from the network used to connect the terminals to the control word server. For example, the network transmitting the multimedia content and the cryptograms of the control words is a unidirectional broadband network, such as a satellite network, whereas the network connecting the terminals to the control word server is a bidirectional network whose bandwidth may be narrower.

In addition, this simplifies time synchronization between the transmission of the multimedia content and the transmission of the cryptograms of the corresponding control words.

The function of the control word server is to decrypt the cryptograms of the control words transmitted by the terminals and then return the decrypted control word to each of these terminals. Thus, in a sense, the control word server plays the role of a chip card shared by several terminals that are mechanically and electronically independent of one another. Terminals that are electronically independent of one another are terminals that can operate autonomously and have no electronic or software part in common.

When a terminal needs a control word to decrypt multimedia content, it sends the control word server a request containing the cryptogram of the control word. In response, the control word server decrypts the cryptogram and then sends the decrypted control word to the terminal, which can then decrypt the selected multimedia content.

Multimedia contents transmitted on different channels can be coordinated with one another in time. For example, the broadcast times of the multimedia contents are set so as to comply with the transmission schedule given in a pre-established program grid. Each terminal tuned to a given channel thus receives the same multimedia content at essentially the same time. Such multimedia contents are said to be "live" or "linearized" streams, because the user has no control over the moment of their transmission.

On the other hand, certain multimedia contents are transmitted on request. This is the case, for example, for services such as video on demand. It is also the case when the content is recorded locally on the terminal or remotely in the network and the start and progress of viewing are controlled by the user. Such a service is known, for example, by the abbreviation NVPR ("Network Private Video Recorder"). It may also be a service that allows going back in time or reviewing, such as the service known by the acronym NTS ("Network Time Shifting"). In these latter cases, the multimedia content is said to be "delinearized", since the moment at which the terminal plays the content is set by the user.

Typically, the number of control word cryptograms contained in a request is limited to one or two in order to increase the security of the cryptographic system. Indeed, if the number of control word cryptograms contained in a request is increased, the number of clear control words held in each terminal to decrypt the same multimedia content also increases. However, the greater the number of clear control words stored in a terminal, the more the protection of the system is put at risk. For example, a large number of control words stored in each terminal facilitates attacks such as the unauthorized sharing of control words. Such an attack consists in illegally passing on to other terminals, which do not hold the relevant subscription, the clear control words obtained by a terminal that is subscribed and so able to have these control words decrypted.

Each terminal sends the control word server a request for every cryptoperiod or every two cryptoperiods.

Processing a request takes the control word server time, and the greater the number of requests to be processed, the greater the workload on this server. The greater the workload, the greater the computing power the control word server must have.

It is therefore desirable to find a way to reduce the workload of the control word server so that servers with less computing power can be used.

The invention aims to solve this problem by proposing a decryption method in which the control word server:

- selectively determines, for each terminal, the number of additional control words CWs to be transmitted to the terminal, depending on the probability that the protection of these additional control words will be compromised, and

- in addition to the missing control words CWc, transmits to the terminal the determined number of additional control words CWs, enabling the terminal to decrypt additional cryptoperiods of the multimedia content in addition to the cryptoperiods decryptable using the requested missing control words CWc.

Transmitting additional control words in addition to the missing control words increases the number of control words present in the terminal and therefore reduces the frequency of the requests this terminal sends to the control word server. This reduction in frequency reduces the workload of the control word server.

Moreover, increasing the number of control words stored in the terminal in this way does not weaken the protection of the cryptographic system, because the increase is applied only to selectively chosen terminals in which the risk of unauthorized use of control words is low.

The invention also relates to a method of transmitting control words to terminals that are mechanically and electronically independent of one another, for implementing the above method, this method comprising:

- transmitting to any one of these terminals the missing control words CWc in response to a request from that terminal containing the cryptogram or cryptograms of the missing control words,

- selectively determining, for each terminal, the number of additional control words CWs to be transmitted to the terminal, depending on the probability that the protection of these additional control words will be compromised, and

- in addition to the missing control words CWc, transmitting to the terminal the determined number of additional control words CWs, enabling the terminal to decrypt additional cryptoperiods of the multimedia content in addition to the cryptoperiods decryptable using the requested missing control words CWc.

Embodiments of this method of transmitting control words may have one or more of the following features:

- the number of additional control words is set according to

- an estimate of the number of requests the control word server will have to process in several upcoming cryptoperiods, and

- a rule giving the number of additional control words to transmit that spreads the number of requests to be processed more evenly over the future cryptoperiods, depending on said estimate;

- the control word server estimates the number of requests to be processed in future cryptoperiods from the number of additional control words it transmitted to the terminals during previous cryptoperiods and during the current cryptoperiod;

- the number of additional control words is determined from a random number drawn randomly or pseudo-randomly from a range of numbers whose size depends on the probability that the protection of the control words stored in the terminal will be compromised;

- the number of additional control words CWs is set depending on the probable number of consecutive cryptoperiods of the multimedia content that this terminal will decrypt;

- the probability that the protection of the additional control words CWs will be compromised is a function of the identifier of the terminal, and/or of an operating-error counter of the terminal, and/or of the identifier of the multimedia content.

These embodiments of the method of transmitting control words also have the following advantages:

- determining the number of additional control words to transmit from an estimate of the number of requests the control word server has to process in each cryptoperiod makes it possible to spread the workload of the control word server over several cryptoperiods;

- determining the number of additional control words from a random number makes it possible to spread the workload of the control word server over several cryptoperiods without having to estimate the workload of this server in each of these cryptoperiods;

- setting the number of additional control words according to the probable number of consecutive cryptoperiods of the multimedia content to be decrypted further limits the workload of the control word server and avoids sending additional control words needlessly.

The invention also relates to a method by which a terminal receives control words for implementing the above method, in which:

- in response to the absence in this terminal of one or more control words CWc for decrypting one or more cryptoperiods of multimedia content, the terminal sends the control word server a request containing the cryptogram or cryptograms of the one or more missing control words, and

- in addition to the requested missing control words, the terminal receives a determined number of additional control words, so that this terminal can decrypt additional cryptoperiods of the same multimedia content in addition to the cryptoperiods decryptable using the requested missing control words CWc.

The invention also relates to a data recording medium containing instructions for implementing the above methods when these instructions are executed by an electronic computing device.

Finally, the invention relates to a control word server for terminals that are mechanically and electronically independent of one another, designed to implement the above methods, this server being able to:

- transmit to any one of the terminals one or more missing control words CWc in response to a request from that terminal containing the cryptogram or cryptograms of the missing control word or words,

- selectively determine, for each terminal, the number of additional control words CWs to be transmitted to the terminal, depending on the probability that the protection of these additional control words will be compromised, and

- transmit to the terminal, in addition to the missing control words CWc, the determined number of additional control words CWs, so that the terminal can decrypt additional cryptoperiods of the multimedia content in addition to the cryptoperiods decryptable using the requested missing control words CWc.

The invention will be better understood from the following description, given solely as a non-limiting example, with reference to the accompanying drawings, in which:

Fig.1 is a diagram of a system for transmitting and receiving encrypted multimedia content,

Fig.2-4 show tables used in the system shown in Fig.1,

Fig.5 is a block diagram of a method of decrypting the control words using the system shown in Fig.1,

Fig.6 is a block diagram of a method of updating a table of control words.

In these figures, the same reference numerals are used to designate the same elements.

In the rest of this description, characteristics and functions well known to those skilled in the art are not described in detail. In addition, the terminology used is that of conditional access systems for multimedia content. For more detailed information, the reader may refer to the following document:

"Functional Model of a Conditional Access System", EBU Review - Technical, European Broadcasting Union, Brussels, BE, No. 266, December 21, 1995.

Fig.1 shows a system 2 for transmitting and receiving encrypted multimedia content. The transmitted multimedia contents are linearized or delinearized multimedia contents. For example, a multimedia content corresponds to a sequence of an audiovisual program, such as a television broadcast or a film.

In what follows, the system 2 is described for the particular case in which the multimedia contents are linearized.

Clear multimedia contents are generated by one or more sources 4 and transmitted to a broadcasting device 6. The device 6 broadcasts the multimedia contents simultaneously to multiple receiving terminals via a data transmission network 8. The broadcast multimedia contents are synchronized with one another in time, for example to comply with a pre-established program grid.

Typically, the network 8 is a long-distance data network, such as the Internet or a satellite network, or any other broadcast network such as the one used to broadcast digital terrestrial television (TNT).

For simplicity, Fig.1 shows only three receiving terminals 10-12.

The device 6 includes an encoder 16, which compresses the multimedia contents it receives. The encoder 16 processes digital multimedia contents. For example, this encoder operates according to the MPEG2 standard (Moving Picture Expert Group - 2) or the standard ITU-T N.

The compressed multimedia contents are fed to the input 20 of an encryption unit 22. The encryption unit 22 encrypts each compressed multimedia content in order to make its viewing subject to certain conditions, such as the purchase of access rights by the users of the receiving terminals. The encrypted multimedia contents are delivered at an output 24 connected to the input of a multiplexer 26.

The encryption unit 22 encrypts each compressed multimedia content using a control word CWi,t, which is supplied to it, as well as to a conditional access system 28, by a key generator 32. The system 28 is known by the acronym CAS (Conditional Access System). The index i is an identifier of the channel on which the encrypted multimedia content is broadcast, and the index t is an identifier of the cryptoperiod encrypted with this control word. In the rest of this description, the cryptoperiod currently being decrypted by the terminals is cryptoperiod t-1.

Typically, this encryption conforms to a standard such as DVB-CSA (Digital Video Broadcasting - Common Scrambling Algorithm), ISMA Cryp (Internet Streaming Media Alliance Cryp), SRTP (Secure Real-time Transport Protocol), AES (Advanced Encryption Standard), and so on.

The system 28 generates ECM (Entitlement Control Message) messages containing at least the cryptogram CW*i,t of the control word CWi,t generated by the generator 32 and used by the encryption unit 22 to encrypt cryptoperiod t of channel i. The multiplexer 26 combines these messages with the encrypted multimedia contents, which it receives from the conditional access system 28 and from the encryption unit 22 respectively, before they are sent over the network 8.

The system 28 also inserts in each ECM message:

- the identifier i of the channel,

- the cryptograms CW*i,t and CW*i,t+1 of the control words CWi,t and CWi,t+1 that decrypt cryptoperiods t and t+1 of channel i,

- the numbers t and t+1 identifying the cryptoperiods decryptable using the control words CWi,t and CWi,t+1,

- time labels TSt and TSt+1 ("timestamps"), which mark the moments at which cryptoperiods t and t+1 are to be played,

- access rights DA, to be compared with the access rights purchased by the user, and

- a signature or cryptographic redundancy MAC that makes it possible to verify the integrity of the ECM message.

The time labels are defined either relative to an absolute origin independent of the transmitted multimedia content or relative to an origin tied to the transmitted multimedia content. For example, the tied origin may be the beginning of the film if the multimedia content is a film.

The same identifier i is inserted in all ECM messages containing a cryptogram CW*i,t for decrypting the multimedia contents broadcast on the same channel.

For example, the encryption and compression of the multimedia contents here conform to the DVB-Simulcrypt protocol (ETSI TS 103 197). In this case, the identifier i can correspond to a single "channel ID/stream ID" pair over which all requests to generate ECM messages for this channel are sent.

For example, the terminals 10-12 are identical, and only the terminal 10 is described in more detail.

The terminal 10 includes a receiver 70 for the broadcast multimedia contents. This receiver 70 is connected to the input of a demultiplexer 72, which passes the multimedia content to a decryption unit 74 on the one hand and the ECM and EMM (Entitlement Management Message) messages to a processor 76 on the other. The processor 76 handles confidential information such as cryptographic keys. To preserve the confidentiality of this information, it is designed to be as robust as possible against attack attempts by computer pirates. It is therefore much more robust against these attacks than the other components of the terminal 10. This robustness is obtained, for example, by implementing a software module dedicated to protecting secret information.

The processor 76 is implemented, for example, using a programmable electronic computing device capable of executing instructions recorded on a data recording medium. For this purpose, the processor 76 is connected to a memory 78 containing the instructions needed to carry out the method shown in Fig.5.

The memory 78 also contains:

- a cryptographic certificate for identifying and authenticating the terminal 10, and

- a local table 79 of control words.

The decryption unit 74 decrypts the encrypted multimedia content using the control word supplied by the processor 76. The decrypted multimedia content is passed to a decoder 80, which decompresses it. The decompressed or decoded multimedia content is passed to a graphics card 82, which drives the display of this multimedia content on a playback device 84 equipped with a screen 86.

The playback device 84 displays the decrypted multimedia content in the clear on the screen 86.

The terminal 10 also includes a transmitter 88 for establishing a secure connection with a network control center 90 through a data network 92. For example, the network 92 is a long-distance data network and, in particular, a packet-switched network such as the Internet. The secure connection is, for example, a tunnel protected using the cryptographic certificate.

The network control center 90 contains a module 100 that manages the access rights of the various users of the system 2. This module 100 is better known by the English term "subscriber authorization system". The module 100 generates and keeps up to date a database 102. The database 102 associates with each user identifier the access rights purchased by that user. The database 102 is stored in a memory 104.

The network control center 90 also includes a control word server 106 connected to an authorization module 108 and to a memory 110. The memory 110 contains:

- a table 112 of control words,

- a table 114 of terminal trust indexes,

- a table 116 of criticality indexes of the multimedia contents, and

- operating-error counters C1, C2, C3 and C4 for each terminal.

The operating-error counters C1-C4 are described in more detail with reference to Fig.5.

Typically, the server 106 is implemented using a programmable electronic computing device capable of executing instructions recorded on a data recording medium. For this purpose, the memory 110 also contains instructions for carrying out the methods shown in Fig.5 and 6.

An example of the structure of the table 112 is shown in more detail in Fig.2. Each row of the table 112 corresponds to one record. The table 112 contains multiple records, each corresponding to one cryptoperiod. In particular, the table 112 contains records for more than three consecutive future cryptoperiods of each multimedia content. Each of these records contains the following fields:

- a field i containing the identifier i of the broadcast channel,

- a field t containing the number of the cryptoperiod,

- a field TSt containing the time label associated with cryptoperiod t,

- a field SA containing the conditions of access to this cryptoperiod t.

The structure of the table 79 is, for example, identical to that of the table 112.

Fig.3 shows in detail an example of the structure of the table 114. The table 114 associates with each terminal identifier IdT a trust index ICT for that terminal. The trust index ICT characterizes the probability that the protection of the control words stored in this terminal will be compromised. The protection of a terminal is considered compromised when the control words recorded or stored in the terminal are used for illegal purposes, for example to decrypt multimedia content on other terminals that do not hold access rights permitting such decryption. In what follows, it is assumed that the smaller the value of the index, the greater the probability that the protection of the control words stored in the terminal will be compromised.

Here, the index ICT reflects the resistance of the hardware used in the terminal to piracy attempts. It therefore characterizes how difficult it is to gain unauthorized access to, and make use of, the control words stored in this terminal.

For example, the table 114 is supplied by the operator of the system 2.

By way of illustration, the value of the index ICT for each terminal is the sum of the scores the terminal obtains against several different protection criteria.

The table below gives an example of a scoring scale.

Protection criterion | Score if the criterion is met | Score if the criterion is not met
Cryptographic processing is protected by a secure processor | 50 | 0
The code executing the cryptographic processing is encrypted in non-volatile memory | 15 | 0
The code executing the cryptographic processing is encrypted in non-volatile memory during the execution of this code | 30 | 0
Obfuscation techniques applied to the cryptographic processing code make its execution hard to trace | 5 | 0

The value of the index ICT of a terminal is the sum of the scores obtained for each of the protection criteria in this table. For example, if the terminal uses a secure processor and the code executing its cryptographic processing is encrypted in non-volatile memory, the trust index ICT of this terminal is equal to 65. The index ICT associated with each terminal identifier is stored in a database accessible to the control word server.

Fig.4 shows a possible example of the structure of the table 116. The table 116 associates with each channel identifier i a trust index ICc reflecting the probability that the multimedia content will be attacked. This index ICc also characterizes the severity of the consequences if the protection of the control words that decrypt this channel i is broken. The index ICc thus also reflects the probability that the protection of the control words stored in the terminal will be compromised. Indeed, the smaller the interest in illegally decrypting a multimedia content, the lower the probability that the protection of the control words that decrypt it will be compromised. For example, there is no interest in breaking the protection of control words that decrypt a free-to-air channel, i.e. a channel that can be viewed in the clear without a paid subscription. Conversely, the interest in illegally decrypting a multimedia content increases with the value of that multimedia content. For example, a channel broadcasting recent films is associated with a low index ICc because the risk that the protection of the control words that decrypt it will be attacked is higher.

Here, the table 116 has two columns. Each row of the table 116 has a field containing the identifier i and a field associating the value of the index ICc with this identifier i. The table 116 is supplied, for example, by the operator of the system 2.
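An added example (not code from the patent) of the scoring and of the random draw described above. It computes ICT from the rating scale, reading each row as "score if met / score if not met" (50/0, 15/0, 30/0, 5/0), the reading that gives the worked value 65, then draws the number of additional control words CWs from an interval whose upper bound depends on ICT and ICc. The linear mapping from index to bound, the shared 0-100 scale for both indexes, `max_extra` and all function names are assumptions made for illustration.

```python
import random
from collections import Counter

# Rating scale from the text, read as (score if met, score if not met).
CRITERIA = {
    "secure_processor": (50, 0),
    "code_encrypted_in_nvm": (15, 0),
    "code_encrypted_during_execution": (30, 0),
    "code_obfuscation": (5, 0),
}
MAX_INDEX = sum(met for met, _ in CRITERIA.values())  # 100 with this scale


def trust_index(met_criteria):
    """IC_T of a terminal: sum of the scores over every criterion of the scale."""
    unknown = set(met_criteria) - set(CRITERIA)
    if unknown:
        raise ValueError(f"unknown protection criteria: {sorted(unknown)}")
    return sum(met if name in met_criteria else not_met
               for name, (met, not_met) in CRITERIA.items())


def interval_upper_bound(ic_t, ic_c, max_extra):
    """Largest number of additional control words CW_s allowed for this pair.

    Assumption: both indexes lie in 0..MAX_INDEX, the weaker of the two decides,
    and the bound grows linearly with it. The text only says that the interval
    depends on the probability of compromise.
    """
    for name, value in (("ic_t", ic_t), ("ic_c", ic_c)):
        if not 0 <= value <= MAX_INDEX:
            raise ValueError(f"{name} out of range: {value}")
    return max_extra * min(ic_t, ic_c) // MAX_INDEX


def extra_control_words(ic_t, ic_c, rng, max_extra=10):
    """Draw the number of CW_s uniformly from [0, bound]."""
    return rng.randint(0, interval_upper_bound(ic_t, ic_c, max_extra))


def next_request_offsets(n_terminals, ic_t, ic_c, seed):
    """How many cryptoperiods pass before each of n terminals has to ask again.

    Every answer covers the two requested periods (CW_c) plus the CW_s drawn, so
    terminals that all asked in the same period come back in different ones.
    """
    rng = random.Random(seed)  # seeded only to make the example reproducible
    return Counter(2 + extra_control_words(ic_t, ic_c, rng)
                   for _ in range(n_terminals))


if __name__ == "__main__":
    ic_t = trust_index({"secure_processor", "code_encrypted_in_nvm"})
    print("IC_T =", ic_t)
    print("untrusted terminals:", dict(next_request_offsets(1000, 0, 100, seed=7)))
    print("IC_T = 65 terminals:",
          dict(sorted(next_request_offsets(1000, ic_t, 100, seed=7).items())))
```

A terminal with index 0 always gets an empty interval, so it never holds more than the two requested control words, while the draw for trusted terminals spreads their next requests over several cryptoperiods without the server estimating its own load.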

The operation of the system 2 is now described in more detail with reference to the method shown in Fig.6.

First, at step 120, the device 6 broadcasts several different multimedia contents simultaneously on different channels. On each channel, cryptoperiod t and the following cryptoperiod t+1 are encrypted with the control words CWi,t and CWi,t+1 respectively. The ECM messages containing the cryptograms CW*i,t and CW*i,t+1 of the control words CWi,t and CWi,t+1 are multiplexed with the broadcast multimedia contents. This multiplexing synchronizes the transmission of the control words with the multimedia contents. Here, the cryptograms CW*i,t and CW*i,t+1 are transmitted to the terminals during cryptoperiod t-1, which precedes cryptoperiod t.

ECM messages are usually repeated several times within one cryptoperiod. For example, ECM messages are repeated every 0.1-0.5 seconds. The duration of a cryptoperiod is more than five seconds, and is preferably from 5 seconds to 10 seconds.

Each of the terminals 10-12 receives the encrypted multimedia contents at essentially the same time. The following steps are therefore carried out essentially in parallel in each of these terminals. They are described for the particular case of the terminal 10.

At step 122, the terminal 10 receives the encrypted multimedia contents together with the ECM messages.

Then, at step 124, the demultiplexer 72 extracts the encrypted multimedia content corresponding to the channel i whose decryption the user has requested. At step 124, the demultiplexer 72 also extracts only the ECM messages containing the cryptograms of the control words that decrypt this channel. The demultiplexer 72 passes the extracted multimedia content to the decryption unit 74. The extracted ECM messages are passed to the processor 76.

At step 126, the processor 76 checks whether the table 79 already contains the control word CWi,t for decrypting the next cryptoperiod of channel i.

If so, the processor 76 proceeds to a phase 127 of decrypting cryptoperiod t broadcast on channel i.

In particular, at step 128, the processor 76 sends the decryption unit 74 the control word CWi,t found in the table 79. No request to decrypt the cryptograms CW*i,t and CW*i,t+1 is sent to the server 106.

Then, at step 130, the decryption unit 74 decrypts cryptoperiod t of the received multimedia content using this control word CWi,t.

Then, at step 132, the decoder 80 decodes the decrypted multimedia content, which is then passed to the video card 82.

Finally, at step 134, the video card 82 sends the signal to the playback device 84 so that the multimedia content is displayed on the screen 86 in a form directly perceivable and understandable by people.

If the table 79 does not contain the control word CW_{i,t}, then at step 140 the terminal 10 transmits to the server 106, during cryptoperiod t-1, a request to decrypt the cryptograms CW*_{i,t} and CW*_{i,t+1} contained in the received ECM message. For example, this request contains:

- the received ECM message, and therefore the pair of cryptograms CW*_{i,t} and CW*_{i,t+1}, and

- the identifier Id_u of the user of the terminal that sent the request.

This request is sent to the server 106 by the transmitter 88 over the network 92. All data exchanges between the terminal 10 and the server 106 take place over a secure tunnel established through the network 92. Establishing the tunnel requires identification and authentication of the terminal by the server 106, for example by means of a cryptographic certificate held in the memory 78. The server 106 thus obtains the identifier Id_T of the terminal that sent the request.

At step 142, in response to receiving this request, the module 108 retrieves from the database 102 the access rights corresponding to the identifier Id_u contained in the request. The module 108 then compares these access rights with the access conditions CA contained in the request.

If the user's access rights do not satisfy the access conditions CA, the server 106 proceeds to a step 144 of blocking decryption of channel i by the terminal 10. For example, the server 106 does not transmit any control word to the terminal 10.

Otherwise, the server 106 performs a step 146 of updating the user's profile. The user profile contains data from which the probable length of time during which the user of the terminal 10 will continue to decrypt this channel i can be determined. The user profile thus makes it possible to determine the likely number of consecutive cryptoperiods of channel i that will be decrypted.

This probability depends, in particular, on the habits of the user of the terminal 10. To this end, at step 146, the server 106 checks whether the received request asks for decryption of control words for a new channel. If so, the user has changed channel. In that case, the server records in the database the time at which the user left the old channel and the time at which the user switched to the new channel. The server 106 also records the identifier i of the new channel to which the user switched. The data recorded in the database thus make it possible to estimate the number of consecutive cryptoperiods that the user of the terminal 10 is likely to watch.

Preferably, the data recorded in this database are kept for a long period of time in order to increase the accuracy of the probabilities calculated from them.

In addition, at step 146, the server 106 generates a reliability index for the user profile. This reliability index indicates the degree of trust that can be placed in the current user profile. For example, the server 106 calculates the deviation between the probabilities computed some time earlier and those computed with the current user profile from this database. The higher the deviation, the lower the reliability index. Indeed, a high deviation means that the user profile is not stable and therefore cannot be given much credence.

After that, at step 148, the server 106 generates the index IC_T of the terminal 10. To do this, it retrieves the index IC_T from the table 114 on the basis of the identifier Id_T of the terminal 10, obtained for example when the terminal was authenticated during establishment of the secure tunnel.

At step 150, the server 106 generates a trust index IC_u for the use of the terminal. This index IC_u represents the probability that the terminal is currently under an attack aimed at breaking the protection of the stored control words. Thus, this index IC_u also represents the probability that the protection of the control words stored in this terminal will be compromised.

The value of this index IC_u for a given terminal is derived from the values of the error counters C1-C4.

In particular, during an operation 152, the counters C1-C4 are updated each time the terminal 10 transmits a request.

The counter C1 counts the number of channel changes per hour.

The counter C2 counts the number of identical requests sent by the terminal 10 to the server 106 in one minute. Indeed, in normal operation, each request sent by the terminal 10 to the server 106 must differ from the previous one. Receiving several identical requests therefore raises suspicion of abnormal use of the terminal 10 and hence of a possible attempt to break the protection of the control words stored in this terminal.

The counter C3 counts the number of times, over 24 hours, that the integrity of the ECM messages received in a request could not be verified. The integrity of the ECM message in the request is verified if the signature computed over the various fields of the ECM message reproduces the MAC signature contained in this message. Otherwise, the ECM message is inappropriate.

Finally, the counter C4 counts the number of ECM messages with incorrect syntax transmitted by the terminal 10 to the server 106 over 24 hours.

After that, during an operation 154, the value of each of the counters C1-C4 is converted into a score that is lower the more abnormal the operation of the terminal is. For example, conversion tables from counter values to scores are used, such as the following.

| Number of channel changes per hour | Score NBZ |
|---|---|
| Less than 100 | 100 |
| From 100 to 360 | 50 |
| From 360 to 400 | 20 |
| More than 400 | 0 |

| Number of identical requests per minute | Score NBR |
|---|---|
| 0 | 100 |
| From 1 to 2 | 50 |
| Strictly greater than 2 | 0 |

| Number of inappropriate ECM messages in 24 hours | Score NBA |
|---|---|
| 0 | 100 |
| Greater than or equal to 1 and strictly less than 4 | 50 |
| Greater than or equal to 4 | 0 |

| Number of syntax errors in 24 hours | Score NBE |
|---|---|
| 0 | 100 |
| Greater than or equal to 2 and strictly less than 6 | 50 |
| Greater than or equal to 6 | 0 |

During an operation 156, the value of the index IC_u is calculated from the values of the counters C1-C4 converted into scores. For example, the value of the index IC_u is determined using the following relationship:

IC_u = min{NBZ, NBR, NBA, NBE}

where "min" is the function that returns the smallest of the values between the braces.

The value of the index IC_u can also be calculated using other relationships. For example, the following can also be used:

IC_u = (NBZ + NBR + NBA + NBE)/4

At step 160, the server 106 generates an index IC_c corresponding to the channel i currently being decrypted by the terminal 10. To do this, it retrieves from the table 116 the index IC_c associated with the identifier i.

At step 164, the server 106 determines the number NbCP of control words to transmit to the terminal 10 in response to its request. This number NbCP may be greater than two, which means that in addition to the missing control words CW_{i,t} and CW_{i,t+1} requested by the terminal 10, the server 106 may also transmit additional control words CW_s that allow additional cryptoperiods of channel i to be decrypted, even though the terminal 10 has not sent the server 106 the cryptograms corresponding to these additional control words CW_s.

The lower the probability that the protection of the additional control words transmitted to the terminal 10 will be compromised, the greater the number NbCP chosen. This number NbCP is determined from the previously generated trust indexes IC_T, IC_u and IC_c.

For example, during an operation 166, a maximum number NbMaxCP is first calculated from the indexes IC_T, IC_u and IC_c. Here, the value of this maximum number NbMaxCP is obtained from the following table.

| Threshold for the index IC_T | Threshold for the index IC_u | Threshold for the index IC_c | NbMaxCP |
|---|---|---|---|
| 0 | 0 | 0 | 0 |
| 65 | 65 | 0 | 1 |
| 20 | 50 | 50 | 1 |
| 65 | 50 | 50 | 5 |
| 20 | 50 | 100 | 5 |
| 65 | 50 | 100 | 10 |

The value selected for the number NbMaxCP is the maximum value in the right-hand column of the above table among the rows in which each of the indexes IC_T, IC_u and IC_c exceeds the corresponding threshold given in the same row. For example, if the generated values of the indexes IC_T, IC_u and IC_c are 70, 54 and 100 respectively, then the value of the number NbMaxCP is ten.
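The scoring of operations 154 to 156 and the table lookup of operation 166, as an added example rather than code from the patent: it converts the counters C1-C4 into scores, derives the usage index, and selects NbMaxCP from the threshold table. The function names are hypothetical. Three readings are assumptions: the band that owns the shared boundary of 360 channel changes, the score for exactly one syntax error (which the table does not list), and treating "exceeds" as "greater than or equal to", which is the reading that reproduces the worked result of ten.

```python
"""Added illustration of operations 154-166 (not code from the patent)."""


def _check(count):
    if count < 0:
        raise ValueError("counters cannot be negative")
    return count


def score_channel_changes(per_hour):
    """NBZ: score for counter C1 (channel changes per hour)."""
    _check(per_hour)
    if per_hour < 100:
        return 100
    if per_hour < 360:   # assumption: 360 itself belongs to the "360 to 400" band
        return 50
    if per_hour <= 400:
        return 20
    return 0


def score_identical_requests(per_minute):
    """NBR: score for counter C2 (identical requests per minute)."""
    _check(per_minute)
    if per_minute == 0:
        return 100
    return 50 if per_minute <= 2 else 0


def score_bad_integrity(per_24h):
    """NBA: score for counter C3 (ECM messages failing the MAC check)."""
    _check(per_24h)
    if per_24h == 0:
        return 100
    return 50 if per_24h < 4 else 0


def score_syntax_errors(per_24h):
    """NBE: score for counter C4 (ECM messages with incorrect syntax)."""
    _check(per_24h)
    if per_24h == 0:
        return 100
    # assumption: the table lists 2..5 for this band; a count of 1 is
    # not listed and is scored conservatively in the same band
    return 50 if per_24h < 6 else 0


def usage_trust_index(c1, c2, c3, c4, combine="min"):
    """Usage index from the four counters, by minimum or by average."""
    scores = (
        score_channel_changes(c1),
        score_identical_requests(c2),
        score_bad_integrity(c3),
        score_syntax_errors(c4),
    )
    if combine == "min":
        return min(scores)
    if combine == "mean":   # the alternative relationship, read as an average
        return sum(scores) / 4
    raise ValueError("combine must be 'min' or 'mean'")


# (terminal threshold, usage threshold, channel threshold, NbMaxCP)
NBMAXCP_TABLE = [
    (0, 0, 0, 0),
    (65, 65, 0, 1),
    (20, 50, 50, 1),
    (65, 50, 50, 5),
    (20, 50, 100, 5),
    (65, 50, 100, 10),
]


def nb_max_cp(ic_t, ic_u, ic_c):
    """Largest NbMaxCP among the rows whose three thresholds are all met."""
    matches = [
        n for (th_t, th_u, th_c, n) in NBMAXCP_TABLE
        if ic_t >= th_t and ic_u >= th_u and ic_c >= th_c
    ]
    return max(matches, default=0)


def max_control_words(ic_t, counters, ic_c):
    """Counters (C1, C2, C3, C4) to NbMaxCP; 0 means decryption is blocked."""
    return nb_max_cp(ic_t, usage_trust_index(*counters), ic_c)


if __name__ == "__main__":
    print(nb_max_cp(70, 54, 100))                      # worked example
    print(max_control_words(70, (12, 3, 0, 0), 100))   # replayed requests
```

A terminal that replays identical requests drops to a usage index of 0 and matches only the first row, so it receives no control words regardless of how trusted the terminal and channel are.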

After that, during an operation 168, the number NbMaxCP is adjusted according to the user profile determined at step 146. Typically, the value of the number NbMaxCP is reduced if the probability that the user will remain on channel i for NbMaxCP consecutive cryptoperiods is below a predetermined threshold.

Then, during an operation 170, the value of the number NbMaxCP is compared with zero. If it is zero, the server 106 blocks decryption of the following cryptoperiods of channel i. To do this, it performs step 144.

Otherwise, the number NbCP is provisionally set equal to the number NbMaxCP.

Then, during an operation 172, the number NbCP is adjusted so as to spread the workload of the server 106 evenly over each of the following cryptoperiods. To this end, the server 106 adjusts the number NbCP on the basis of:

- estimates of the workload of the server 106 for each cryptoperiod, and

- a rule that gives the final value of the number NbCP of control words to transmit so as to spread the workload of the server 106 more evenly over each of the future cryptoperiods.

Here, the workload of the server 106 is measured by the probable number of requests to be processed by the server 106 during one cryptoperiod.

For example, the workload estimates of the server 106 for ten future cryptoperiods are stored in a workload table. An example of this table is presented below.

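| Cryptoperiod / channel ID | t | t+1 | t+2 | t+3 | t+4 | t+5 | t+6 | t+7 | t+8 | t+9 |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | 11000 | 8464 | 8891 | 6712 | 5998 | 11865 | 8011 | 7776 | 8612 | 12567 |
| 2 | 12007 | 6801 | 11128 | 10218 | 9996 | 9857 | 6850 | 6880 | 7589 | 8359 |
| 3 | ... | ... | ... | ... | ... | ... | ... | ... | ... | ... |
| i | 22963 | 21117 | 22546 | 22989 | 23151 | 17896 | 15069 | 15033 | 15077 | 14211 |
| N | 880 | 891 | 765 | 610 | 877 | 880 | 910 | 898 | 961 | 499 |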

Here, the rule that gives the final value of the number NbCP is constructed so as to optimize the following two criteria:

1) NbCP must be equal to, or as close as possible to, its maximum value NbMaxCP, and

2) the value of the number NbCP must allow the workload of the server 106 to be spread more evenly over each of the ten upcoming cryptoperiods.

For example, the following rule is used:

NbCP = Min{Load_i(j) × K^(NbMaxCP-j)}

where

- Load_i(j) is the workload of the server 106 during cryptoperiod j for decrypting the channel i;

- K is a constant strictly greater than 1;

- j is an integer varying from t to NbMaxCP.

For example, applying this rule to the values in the table above, in the case where channel i is channel 2, gives a value of NbCP of 8 if the constant K is equal to 1.1 and NbMaxCP is 10.

Finally, the closer the constant K is to 1, the further the adjusted number NbCP can depart from the value of the number NbMaxCP.

After the number NbCP has been determined, the estimate of the workload of the server 106 is updated at a step 174. To do this, the following two assumptions are made:

1) the user changes the channel, and

2) the terminal sends its next request during the cryptoperiod preceding the cryptoperiod for which it has not been sent any control word.

Under these assumptions, the next request transmitted by the terminal 10 therefore falls within cryptoperiod t+NbCP-2. The workload estimate of the server 106 for channel i during cryptoperiod t+NbCP-2 is thus incremented by a predefined step. For example, the step is typically equal to 1. This value is stored in the above workload table.

At step 174, at the end of the current cryptoperiod t-1, the column corresponding to cryptoperiod t is erased from the workload table and the columns corresponding to cryptoperiods t+1 to t+9 are shifted one column to the left. This frees a blank column for the new cryptoperiod t+9.
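Operations 172 and 174 as an added example, not code from the patent: the load-balancing rule followed by the two workload-table updates. The rule is read as choosing the j in 1..NbMaxCP that minimises Load_i(j) × K^(NbMaxCP-j), with j = 1 denoting cryptoperiod t; this reading is an assumption, kept because it reproduces the value of 8 given above for channel 2. The function names are hypothetical and the load values are those of the channel 2 row of the workload table.

```python
"""Added illustration of operations 172 and 174 (not code from the patent)."""

# Channel 2 row of the workload table: estimated number of requests for
# cryptoperiods t, t+1, ..., t+9.
CHANNEL_2_LOADS = [12007, 6801, 11128, 10218, 9996, 9857, 6850, 6880, 7589, 8359]


def adjust_nbcp(loads, nb_max_cp, k=1.1):
    """Pick NbCP in 1..NbMaxCP that minimises Load(j) * K**(NbMaxCP - j).

    The factor K**(NbMaxCP - j) penalises values far below NbMaxCP, so a
    quieter cryptoperiod is chosen only when its load is low enough to
    outweigh handing the terminal fewer control words.
    """
    if k <= 1:
        raise ValueError("K must be strictly greater than 1")
    if not 1 <= nb_max_cp <= len(loads):
        raise ValueError("NbMaxCP must lie within the workload table")

    def weighted_load(j):
        # assumption: j = 1 is the first column of the table (cryptoperiod t)
        return loads[j - 1] * k ** (nb_max_cp - j)

    return min(range(1, nb_max_cp + 1), key=weighted_load)


def record_expected_request(loads, nb_cp, step=1):
    """Return a copy with the estimate for cryptoperiod t+NbCP-2 incremented."""
    updated = list(loads)
    column = nb_cp - 2          # column 0 holds cryptoperiod t
    # assumption: for NbCP < 2 the next request falls before cryptoperiod t,
    # outside the table, so nothing is recorded
    if 0 <= column < len(updated):
        updated[column] += step
    return updated


def roll_table(loads, blank=0):
    """End of cryptoperiod t-1: drop column t, shift left, add a blank t+9."""
    return list(loads[1:]) + [blank]


if __name__ == "__main__":
    nb_cp = adjust_nbcp(CHANNEL_2_LOADS, nb_max_cp=10, k=1.1)
    print("NbCP:", nb_cp)
    after_request = record_expected_request(CHANNEL_2_LOADS, nb_cp)
    print("after recording the expected request:", after_request)
    print("after rolling to the next cryptoperiod:", roll_table(after_request))
```

With K close to 1 the penalty almost disappears and the rule falls back to the quietest cryptoperiod (j = 2 for this row), which is the behaviour described for the constant K above.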

After that, at step 176, the control words needed to decrypt the consecutive cryptoperiods t to t+NbCP-1 are extracted from the table 112.

At step 178, the NbCP extracted control words are sent to the terminal 10, so that it can decrypt the next NbCP cryptoperiods of channel i without sending a request to the server 106. This reduces the workload of the server 106, since the frequency of requests is reduced, at least for some terminals. The security of the system 2 does not suffer, because only those terminals for which the probability of compromise of the transmitted control words is low receive additional control words.

At step 178, if necessary, the server 106 also transmits control words for channels other than channel i. This makes it possible, in particular, to speed up decryption of a new channel after switching from the previous channel. It can also reduce the workload of the server 106, since the terminal does not need to send a new request to the control word server in response to a change of channel. The number of control words transmitted at step 178 for channels other than channel i is determined, for example, in the same way as described for channel i, or otherwise.

Finally, at step 180, the terminal 10 receives the new control words and writes them to the table 79 for later use in decrypting the following cryptoperiods of channel i.

To implement the method shown in Fig.5, the table 112 must be continually updated so that it contains in advance the control words needed to decrypt future cryptoperiods of each channel. To do this, the method shown in Fig.6 is carried out. At step 190, the generator 32 of control words generates in advance the control words that will be used to decrypt future cryptoperiods of the transmitted multimedia content. For example, the generator 32 generates from two to 100 control words in advance, preferably from 10 to 30 control words.

At step 192, these control words are transmitted to the server 106, which writes them to the table 112 so that it always contains the control words required to decrypt cryptoperiods t, t+1, t+2, and so on. For example, these control words are sent to the server 106 over a secure communication link directly connecting the device 6 to the network control center 90.

At step 194, the server 106 updates the table 112 with the additional control words received. To allow viewing of delinearized multimedia content, the server 106 also keeps in the table 112 the records corresponding to previous cryptoperiods.

Other embodiments are also possible. For example, trust indexes other than those described in this application can be used to estimate the probability of compromise of the control words stored in the terminal. Similarly, the trust indexes IC_T, IC_u and IC_c can be calculated in other ways. For example, the value of the index IC_c can be calculated from a current measurement of the audience of the channel i being decrypted, rather than from predetermined values recorded in the table 116 as described above.

The number NbCP can be determined on the basis of only one or only two of the indexes IC_T, IC_u and IC_c.

Similarly, other ways of calculating NbCP are possible. For example, the number NbMaxCP can be obtained using the following relationship:

NbMaxCP = E(10 × (IC_T + IC_u + IC_c)/300),

where E is the integer-part function.

In another embodiment, the user profile is not used to determine the number NbCP.

There are also other ways of adjusting the number NbCP in order to spread the workload of the server 106. For example, spreading the workload over different cryptoperiods does not require estimating the workload for each of these cryptoperiods. For example, the number NbCP is adjusted by randomly or pseudo-randomly drawing a number between 1 and NbMaxCP.

The workload estimate taken into account when adjusting the number NbCP may be an estimate of the total workload over all channels, instead of a channel-by-channel estimate as described above. For example, the total load during a cryptoperiod is obtained by summing the workloads of the server 106 for each channel i during that cryptoperiod.

The cryptogram of the control word or control words contained in the request transmitted by the terminal to the server 106 may be an identifier of the channel to be decrypted together with the number or timestamp of the next cryptoperiod to be decrypted on that channel. In this embodiment, the transmitted request need not additionally contain the cryptogram of the control word CW_{i,t} obtained by encrypting the control word with a secret key. Indeed, the channel identifier and the number of the next cryptoperiod are sufficient for the server 106 to find in the table 112 the control word to transmit to the terminal in response to its request.

The user profile can be updated differently. In particular, in another embodiment, the terminal itself monitors channel changes and, at each change of channel, sends the corresponding information to the server 106 so that it can update the user profile of the terminal. In this case, channel changes can be taken into account even if they are not accompanied by the immediate transmission of a new request to the server 106. Indeed, the control word allowing the new channel to be decrypted may have been obtained in advance and recorded in the table 79.

Here, the tables 112, 114 and 116 and the counters C1-C4 have been described as being held in the memory 110. However, these tables may be held elsewhere in the system 2, for example in a memory that the server 106 queries remotely.

In another embodiment, the control words transmitted by the server to the terminal are sent in encrypted form so that only the destination terminal can decrypt them. In this case, the use of a secure tunnel is not required.

In version 2, the control word CW_{i,t} is transmitted during cryptoperiod t and not during cryptoperiod t-1.

All of the above applies to both linearized and delinearized multimedia content.

1. A method of decrypting control words for terminals that are mechanically and electronically independent of each other, comprising steps in which:
in response to the absence, in any one of the terminals, of one or more control words CW_c for decrypting one or more cryptoperiods of multimedia content, said terminal transmits (140) to a control word server a request containing the cryptogram(s) of said one or more missing control words, and
in response, the control word server transmits (178) to said terminal said one or more missing control words,
wherein the control word server:
determines (164), selectively for each terminal, the number of additional control words CW_s to be transmitted to the terminal as a function of the probability of compromise of the protection of these additional control words, and
in addition to the missing control words CW_c, transmits (178) to said terminal said determined number of additional control words CW_s, which allows the terminal to decrypt additional cryptoperiods of the multimedia content in addition to the cryptoperiods decryptable using the requested missing control words CW_c.

2. A method of transmitting control words to terminals that are mechanically and electronically independent of each other, for implementing the method according to claim 1, the method comprising:
transmitting (178) to any one of said terminals the missing control words CW_c in response to a request from said terminal containing the cryptogram(s) of the missing control words,
determining (164), selectively for each terminal, the number of additional control words CW_s to be transmitted to the terminal as a function of the probability of compromise of the protection of these additional control words, and
in addition to the missing control words CW_c, transmitting (178) to said terminal said determined number of additional control words CW_s, which allows the terminal to decrypt additional cryptoperiods of the multimedia content in addition to the cryptoperiods decryptable using the requested missing control words CW_c.

3. The method according to claim 2, in which the number of additional control words is determined (172) as a function of:
estimates of the number of requests to be processed by the control word server during several upcoming cryptoperiods, and
a rule for determining the number of additional control words to transmit as a function of those estimates, which makes it possible to spread more evenly over the future cryptoperiods the number of requests to be processed by the control word server during each of these future cryptoperiods.

4. The method according to claim 3, in which the control word server estimates (174) the number of requests to be processed during future cryptoperiods on the basis of the number of additional control words transmitted to the terminals by said server during past cryptoperiods and the current cryptoperiod.

5. The method according to claim 2, in which the number of additional control words is determined as a function of a number drawn randomly or pseudo-randomly from a range of numbers whose extent depends on the probability of compromise of the protection of the control words stored in the terminal.

6. The method according to claim 2, in which the number of additional control words CW_s is also determined (168) as a function of the likely number of consecutive cryptoperiods of said multimedia content that will be decrypted by said terminal.

7. The method according to claim 2, in which the probability of compromise of the protection of the additional control words CW_s depends on an identifier of the terminal, and/or an error counter of said terminal, and/or an identifier of the multimedia content.

8. A method of receiving control words by a terminal for implementing the method according to claim 1, in which, in response to the absence in said terminal of one or more control words CW_c for decrypting one or more cryptoperiods of multimedia content, said terminal transmits (140) to the control word server a request containing the cryptogram(s) of said one or more missing control words, and
in addition to the requested missing control words, said terminal receives (180) a determined number of additional control words, which allows said terminal to decrypt additional cryptoperiods of said multimedia content in addition to the cryptoperiods decryptable using the requested missing control words CW_c.

9. A data recording medium containing instructions for implementing the method according to any one of the preceding claims when these instructions are executed by an electronic computing device.

10. A control word server for terminals that are mechanically and electronically independent of each other, intended for implementing the method according to claim 1, the server (106) being arranged to transmit to any one of the terminals one or more missing control words CW_c in response to a request from said terminal containing the cryptogram(s) of said one or more missing control words,
wherein the control word server (106) is arranged to:
determine, selectively for each terminal, the number of additional control words CW_s to be transmitted to the terminal as a function of the probability of compromise of the protection of these additional control words, and
transmit to said terminal, in addition to the missing control words CW_c, said determined number of additional control words CW_s, which allows the terminal to decrypt additional cryptoperiods of the multimedia content in addition to the cryptoperiods decryptable using the requested missing control words CW_c.



 

Same patents:

FIELD: radio engineering, communication.

SUBSTANCE: apparatus comprises: a unit which stores a key used for encrypting or decrypting data; a unit which receives a key transmission request including a key-dividing number via a wireless signal from an operation terminal; a unit which acquires a key transmission request from the wireless signal received by the reception section; a unit which determines a security level when transmitting the key to the operation terminal, as a transmission security level; a unit which determines a transmission power in accordance with the transmission security level determined by the security level determination unit and the key-dividing number included in the key transmission request acquired by the key transmission request acquisition unit; a unit which acquires each key fragment by dividing the key stored in the storage unit into the key-dividing number; and a unit which transmits the each key fragment acquired by the key acquisition unit using the transmission power determined by the transmission power determination unit, via a wireless signal to the operation terminal.

EFFECT: safer data transmission.

15 cl, 9 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to a network operation method. A network comprises a node and a system control device. A system control device comprises a root key material which is a set of functions, each having a degree of complexity α, and a node is provided with a portion of key material of a node having a degree of complexity α extracted from the root key material. The system control device generates a portion of key material for an external user with a degree of complexity α from the root key material and generates an access identifier. The system control device generates access key material with a degree of complexity less than α from the portion of key material for the external user and generates a node identifier. The system control device provides the external user with a portion of access key material and the node identifier. The external user extracts a key from the portion of access key material and sends to the node said key and access identifier. The node calculates a key from the access identifier and the portion of node key material and compares the key sent by the external user and the key calculated by the node in order to identify the external user.

EFFECT: improved security.

14 cl, 4 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to methods of providing secure communication in a network. The method comprises: an administration device provided with root keying materials, and steps of: generating, by the administration device based on the root keying materials, parts of keying material of a first node containing a certain number of sub-elements, and parts of keying material of the first node, assembled for generating a first terminated key, the administration device selects a subset of sub-elements of the first parts of the keying material, wherein the number of selected sub-elements is less than or equal to the total number of sub-elements of the first parts of the keying material, and the selected sub-elements form partial parts of the keying material of the first node or a symmetrical key generation mechanism, the first node generates, based on the symmetrical key generation mechanism of the first node and on a second node identifier, a first key used to provide secure communication with a second node.

EFFECT: more secure data transmission in a network.

6 cl, 7 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to computer engineering and specifically to means of secure communication in a network. The method relates to secure transmission of information from a first node (N1) to a second node (N2) in a network, the first node comprising a first node keying material (KM(ID1)), the second node comprising a second node keying material (KM(ID2)), wherein the keying materials of the first node and of the second node comprise each a plurality of shared keying root parts formed by segments of the shared keying root parts. A communication network, having at least two communication devices, carries out said method.

EFFECT: safer communication by dividing keys into segments for predistributed keying material according to a variable distribution.

13 cl, 5 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to computer engineering. A method of controlling access to a set of channels using a receiver/decoder comprising a security module (SC), each channel being encrypted by a specific channel control word (CW1, CW2), each channel having a channel identifier and transmitting access control messages ECM containing at least the current channel control word and the channel access conditions. The method comprises the following steps: tuning to a first channel having a first channel identifier (ID1); transmitting the ID1 to the SC; receiving first access control messages ECM1 containing a first control word (CW1); transmitting the first access control messages ECM1 to the SC; decrypting the first access control messages ECM1 and verifying the channel access conditions; if the access conditions are met; transmitting the CW1 to the receiver/decoder; storing of the CW1 and the ID1 in the SC; tuning to a second channel having a second channel identifier ID2; transmitting the ID2 to the SC; calculating, by the SC, the second control word (CW2) by performing the following steps: calculating a root control word (RK) with an inverse cryptographic function F-1 using the CW1 and the ID1; calculating the CW2 with the cryptographic function F using the RK and the ID2; transmitting the CW2 to the receiver/decoder.

EFFECT: reducing channel switching time when a user selects another channel.

9 cl, 3 dwg

FIELD: radio engineering, communication.

SUBSTANCE: invention relates to distribution of a cryptographic secret key between a transmitting side and a receiving side. An apparatus for secure reception and transmission of data comprises a key generation controller and a unit for providing the number of iterations.

EFFECT: facilitating automatic control of security and latency for generating a cryptographic secret key by setting a number of iterations, based on which the number of messages to be exchanged while generating the cryptographic secret key is controlled.

11 cl, 17 dwg

FIELD: radio engineering, communication.

SUBSTANCE: invention relates to a wireless communication device. The device includes: a plurality of communication modules for transmission, which are adapted to modulate and transmit a transmission object signal; the communication modules for transmission include at least one communication module for transmission in which a modulation method is employed, which is different from the modulation method employed in another communication module(s) for transmission.

EFFECT: transmitting a signal appropriately even with low carrier frequency stability.

20 cl, 78 dwg

FIELD: radio engineering, communication.

SUBSTANCE: network component having a processor connected to memory and configured to exchange security information using a plurality of attributes in a management entity (ME) in an optical network unit (ONU) via an ONU management control interface (OMCI) channel, wherein the ME supports a plurality of security functions that protect upstream transmissions between the ONU and an optical line terminal (OLT). Also included is an apparatus having an ONU configured to connect to an OLT and having an OMCI ME, wherein the OMCI ME has a plurality of attributes that support a plurality of security features for upstream transmissions between the ONU and the OLT, and wherein the attributes are transmitted via an OMCI channel between the ONU and the OLT and provide the security features for the ONU and the OLT.

EFFECT: high security of data transmission in PON systems.

20 cl, 5 dwg, 6 tbl

FIELD: radio engineering, communication.

SUBSTANCE: quantum cryptographic system not only enables to detect any attempts at intruding into a communication channel, but also guarantees unconditional secrecy of transmitted cryptographic keys under the condition that an error at a receiving station in primary keys does not exceed a certain critical value. The method involves generating polarisation states at a receiving/transmitting station for a series of classic synchronising laser pulses using a polarisation controller in one arm of an interferometer and a polarisation controller at the output of the interferometer, which facilitate interference balancing of the interferometer; after reflection from a mirror in a transformation station, a series of single-photon states is detected at the transmitting/receiving station and the obtained photocount statistics are used to calculate the permissible error, which is then compared with a certain error threshold to obtain a cryptographic key known only at the transmitting/receiving and transformation stations.

EFFECT: wider range of possible distortions of polarisation of laser and single-photon pulses, when transmitting keys between transmitting/receiving and transformation stations, within which the secrecy of cryptographic keys is guaranteed, and lifting of the requirement to use a special Faraday mirror.

2 dwg

FIELD: radio engineering, communication.

SUBSTANCE: invention relates to authentication methods and specifically to methods and an apparatus for authentication of subscribers in IP telephony networks. The technical result is achieved in that the disclosed method for authentication by a user device when attempting to access an IP telephony network comprises steps of: obtaining one or more private keys of said user from secure memory associated with said user device; generating an integrity key and a ciphering key; encrypting said integrity key and said ciphering key using a session key; encrypting said session key with a public key of said IP telephony network; and providing said encrypted session key, encrypted integrity key and encrypted ciphering key to said IP telephony network for authentication using a public key infrastructure (PKI) coupled with an authentication and key agreement (AKA) mechanism.

EFFECT: more secure communication.

7 cl, 4 dwg

FIELD: communication systems.

SUBSTANCE: the system has a receiver, a transmitter, a processing element connected to the receiver and transmitter and controlling them, and a digital rights module connected to the processing element and controlling operation of the communication device in a domain-based digital rights environment. The digital rights module of the communication device, together with a domain dispenser of the domain-based digital rights environment, is able to selectively add the communication device to a domain that owns one or several communication devices which share a cryptographic key.

EFFECT: selective retrieval and decoding of digital content on the basis of membership in a domain.

10 cl, 11 dwg

FIELD: data transfer technologies.

SUBSTANCE: the device that is to be the transmission destination is authenticated, and if the device is not authorized, the encrypted data read from the storage device are decoded to produce decoded data, which are then encrypted again on the basis of specific device key data received from the destination device, to obtain re-encrypted data. The re-encrypted data are then transferred to the device that is to be the transmission destination.

EFFECT: prevention of unauthorized copying of data.

8 cl, 13 dwg

FIELD: electric communications and computer engineering, in particular, methods and devices for cryptographic transformation of data.

SUBSTANCE: the essence of the method is the generation of a binary vector corresponding to the date and time of transfer of a discontinuous message, generation of a binary vector of a secret parameter, generation of a binary identification vector and its addition to the discontinuous message. The method differs from known methods in that it additionally includes forming a random binary vector and a binary vector of a protection key, wherein the binary vector of the secret parameter is formed by double compression of the random binary vector, and the binary identification vector is formed by a transformation, in the ring of residue classes modulo p, of the binary vector corresponding to the date and time of transfer of the discontinuous message and of the binary vector of the secret parameter.

EFFECT: rejection of false messages, increased speed of process of confirming authenticity of discontinuous message.

1 dwg

FIELD: ciphering key transmission methods and systems.

SUBSTANCE: according to the proposed method, the same information Kc is afforded to more than one receiver 1 belonging to a receiver group G; each receiver stores information SAi uniquely assigned to it. Information Kc is determined by the expression Kc = f(K, bi, SAi), where f is the desired function; K is information common to all receivers; bi is information that differs for each receiver and for each value of information K. Each receiver is given access to information bi prior to the submission of information Kc. Information K is transferred to all receivers directly prior to the submission of information Kc, so that each receiver can calculate Kc using the above expression.

EFFECT: simplified design and enhanced response of the system to pirate cards.

13 cl, 2 dwg

FIELD: data transmission.

SUBSTANCE: according to the invention, the content data of the input digital data are encrypted on the basis of first key data, which are in turn encrypted on the basis of a function generated from a random number and of second key data generated using specific device key data and common key data. During decoding, encoded data are received consisting of the encrypted content data, the encrypted first key data, the random number and the common key data; the second key data are generated on the basis of the specific device key data and the common key data; the encrypted first key data are decoded on the basis of the generated second key data and the function generated from the random number; and the encrypted content data are decoded on the basis of the decoded first key data.

EFFECT: unauthorized data copying is prevented.

2 cl, 13 dwg

FIELD: data transfer.

SUBSTANCE: according to the invention, digital data that are encrypted on the basis of specific key data of the device that is to be the transmission destination are decoded; data relating to copying conditions are extracted from the decoded encrypted data; and the decoded encrypted data are recorded into a recording device on the basis of the extracted data relating to the copy-permitting conditions.

EFFECT: prevented unauthorized copying of data.

2 cl, 12 dwg

FIELD: information encryption.

SUBSTANCE: the method includes forming a sequence of quantum photonic states at the transmitting station to encode encryption keys and transmitting these states via open space to the receiving station; the distance between the stations is measured beforehand and the clocks at both stations are synchronised; the transmitting station then converts the quantum photonic states to one- or multiphoton orthogonal states and measures their sending time, which is sent to the receiving station; the receiving station measures the receiving time of the one- or multiphoton quantised states and determines the delay value, using which decoding and eavesdropping are performed.

EFFECT: provision of encryption key security during long-distance transmission via open space, provision of long-term stability and reduction of the error stream in transmitted encryption keys at the receiving station.

3 dwg, 2 tbl

FIELD: information technology.

SUBSTANCE: the system and method of information protection in computer networks based on key distribution include numerous units and a trust centre (TC). All the units are connected with one another and with the TC by communication channels. Each unit of the network and the TC has an executive processor circuit as well as memory. The TC includes a pseudo-random number generator designed to generate long-term keys, key blocks, and a primary incidence sub-matrix of lower size for building the incidence matrix (IM) of the required size; to form half-weight columns with the required number of binary bits for building the IM of the required size on the basis of the primary lower-size sub-matrix, with the extension capacity of the IM depending on the number of the network units communicating to one another to transfer the formed key blocks to the network units involved in the data exchange process through the communication channels. One key block corresponds to each unit; the executive processor circuits of the network units form the common secret key in order to ensure confidentiality while exchanging information between the units.

EFFECT: simplification of the key distribution method.

10 cl, 2 dwg

FIELD: information systems.

SUBSTANCE: invention relates to data processing systems and, particularly, to methods and devices providing cryptographic protection in a data processing system. The broadcasting key, renewed after a long period of time, is encrypted using a registration key and is periodically supplied to a user. The key with a short renewal period is encrypted using the broadcasting key. The short-time key is available with each broadcasting message, wherein the information sufficient for calculating the short-time key is provided in the internet protocol header preceding the broadcasting content. The broadcasting messages are then encrypted using the short-time key, wherein the user encrypts a broadcasting message using this short-time key.

EFFECT: creation of a protected and efficient method of key renewal in the data processing system.

24 cl, 30 dwg

FIELD: information technologies.

SUBSTANCE: invention relates to data transmission, specifically to efficient cryptographic data transmission in a real-time security protocol. A transmitting terminal can be used for decoding data with a session key obtained from a bitstream. The bitstream can be transmitted with header information to the transmitting terminal. To conserve bandwidth, the information can be divided into parts, and each part is transmitted with an encrypted data packet. The transmitting terminal can be used to restore the bitstream from the information parts contained in the packet headers and to use the bitstream to obtain the session key. The session key can be used for decoding data.

EFFECT: higher cryptographic security of transferred data.

24 cl, 6 dwg
