Method of protecting multimedia content and service

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to multimedia content protection. A method of protecting content (6) scrambled using a content key CW transmitted encrypted by a content access key K, characterised by that said content is transmitted by a transmission system to at least one receiving terminal (4) using a service, provided locally in said receiving terminal using a set of properties Pi, i ranges from 1 to n, known for the transmission system, where each of said properties Pi is represented by a data element xi recorded in said data transmission system, and using a local data element yi with local access, intended only for reading in said terminal, and during transmission, said method comprises a step of super-encrypting said content key CW using at least one invertible super-encryption function fi(xi), which depends on at least one of the properties Pi, i ranges from 1 to n, and upon reception, the value of said super-encrypted content key CW is disclosed by applying to said super-encrypted content key CW an inverse super-encryption function f i 1 ( y i ) corresponding to the property Pi.

EFFECT: efficient protection of multimedia content from illegal redistribution.

9 cl, 3 dwg

 

The invention relates to the field of content protection, and more specifically, is directed on protection of multimedia content and services distributed by the operator several subscribers from receiving terminals, suitable for this purpose.

The invention also relates to a receiving terminal, is arranged to receive such content and services, and a computer program recorded on a recording medium and is capable of embodiment of the method, when executed on the computer.

The method is applied to protected content supplied to the terminals, such as set-top boxes, computers or mobile phones, and is aimed in particular at improving the protection of economic models of operators and technology vendors, content protection, preventing the illegal redistribution of this content.

The level of technology

Fig. 1 schematically illustrates a typical architecture for presenting content, scrambled with 2 scrambling to terminal 4 connected to the network operator.

This architecture for presenting content normally protects the content that is intended for transmission 6, which was previously scrambled on the side of the operator using the scrambling module 8, using CW key content.

Key content then �ifruit using the key To access the content, using the function F, and then passed in the form of a cryptogram CW* operator agent 10, which manages access to the content set in the terminal 4.

The conditions governing the authorized use of the content may be transmitted to the terminal simultaneously with the key To access the content.

The disclosure of a key To access the content of the agent 10, with regard to its supply to the module 12 eliminate scrambling from the terminal 4, depends on what the agent 10 initially receives the right to access the content, which usually takes material form, at least, and receives a key To access the content.

The key To access to the content received by the agent 10, and then used for decrypting the cryptogram key content, applying the function F-1that is an inverse of the function F, and thus reveal the CW key content. The latter is then fed into the module 12 eliminate scrambling, which is installed in the terminal 4.

The CW key content can be updated regularly over time, in particular, in the case of linear content, for example, in accordance with a pre-defined encryption period, usually 10 seconds for streams broadcast.

Such protection of the content is typically used by conditional access system, or CAS, or system administration�of strirovaniya digital rights, or DRM. The rest of this disclosure features and functions of such systems, which are well known to those skilled in the art, are not described in more detail. For more information the reader can refer, for example, to the following documents:

as to the conditional access system, "Functional Model of a Conditional Access System", EBU Review, Technical European Broadcasting Union, Brussels, BE, n° 266, 21 December 1995;

with regard to digital rights management systems, "DRM Specification", Open Mobile Alliance OMA-TS-DRM-DRM-V2_0_2-20080723-A, Approved version 2.0.2 -23 Jul 2008.

In addition to the protection of content, such architecture for presenting content provides protection services mentioned content. This protection is usually provided by the agent 10 controls and using the bootloader. These two elements are usually based on the security features chipset terminal, depending on the availability of these features in the selected chip set.

Protection services primarily is to ensure functional compliance of processes performed by the system objects, in particular terminal, and configuration data used by the latter, respectively, with the processes and data provided by the operator.

This may include, for example, protection of the activation of the storage device or the use of re�eny, preventing the reproduction memory, or decision, the anti-tracking program, the purpose of which is to prevent monitor the performance of computer programs that perform the elimination of the scrambling of the content in the terminal.

Protection services usually refers to a cryptographic based technologies and, more generally, on the use of safety features installed in the design of the terminal or in the phase of integration. The latter take the form of, for example, requirements that are transmitted from the supplier of technologies for the protection of the content or service provider content, in industrial companies with the task of making the chipset or the respective terminals.

Compliance with such requirements can be verified, in particular, through a process of certification or certification on very limited samples of terminals prior to their release to the market.

Content protection and protection services are complementary within the architecture providing the content to ensure the effective flow of the content. Although they are logically interrelated, these forms of protection, however, are not usually associated with their performance. Indeed, the inability to meet the requirements of the security policy or security services normally open port JTAG control�of integrity nonactivated code no unauthorized deactivation of outputs (HDD, analog outputs, etc.), or unpatched version of the whole or part of the software environment does not prevent the possibility of disclosure of key content or use of this content.

It should be noted that the problem of re-distribution of keys CW content currently represents one of the main defects of systems of presenting content. Resistance and update security software protection key CW content from the input processing unit, unless it is used in decryption module chipset terminal, remain a big problem.

In addition, in the case of broadcast content in a set of terminals receiving, effective use of the security requirements and the security policy services can be checked dynamically with the set of terminals. And the inability to meet these requirements in one of the terminals could potentially threaten the entire economic model of the operator.

In addition, the submission of a proposal, for example, might include ads or links with other related services, such as services associated with the supply of content, widgets or data services, which may be equally important for the operator. This means that h�about the operator can differentiate itself from the competition, offering individually tailored user experience.

In addition to content, respectively, it is equally important to protect the submission of a proposal and associated services.

One goal of the invention is to associate, from the point of view of its execution, protection of content provided by the operator, to protect services that support its filing, including the submission of the proposal and associated services in order to ensure the durability of the economic model of the operator.

In the rest of the document the term "superherofan is used when data needs to be protected, encrypt, at least twice, using common or separate symmetric or asymmetric encryption algorithms, and using at least two separate keys, which, respectively, are secret or open.

Summary of the invention

This object is achieved by a method for the protection of scrambled content using the key CW content, which is transmitted encrypted by using a key To access the content, applying the function F, which referred to the content served by the transmission system, at least one receiving terminal, by using the service, made locally in the receiving terminal, using a set of protection Pi, i is �t 1 to n, known for the transmission system, where each of the mentioned characteristics of the Pirepresented by the xidata stored in said data transmission system, and using the local elementidata access is intended only for reading in the terminal.

The method in accordance with the invention contains during the transfer phase, consisting in sverhcheloveki mentioned CW key content using at least one invertible function fi(xi) sverhdorogaya, which depends, at least one of the properties of Pi, i=1 to n.

In accordance with a preferred embodiment of the implementation, this method includes the following steps:

during transmission,

- define a non-empty subset of properties in Pifor i equals 1 to n, to check,

- perform swerhteplowoj mentioned key CW content, by applying to the CW key of the content of the reversible function fi(xi) superterrane for each property Pifor i equals 1 to n, the subset of ER,

- transmit mentioned sverhkachestvennye CW key of the content to the terminal (4), and during the reception,

- for each property Pibelonging to the mentioned subset of ER, read the local element of yidata mentioned terminal representing mentioned with�eusto P i,

- reveal the value of CW mentioned sverhzaryadnogo CW key content by applying to sverhzaryadnom the CW key content of inverse functionsfi-1(yi)sverhdorogaya for each property Pireferred to a subset of the EP, i=n-1,

- remove the scrambling of the contents through the open key of the content.

It should be noted that fi(xi) and fi(yi) are the inverse functions for a given pair of values (xi, yi), a pair, in which each element represents a property Piservice, respectively, in the transmission system and the receiving terminal. Thus, for sverhdorogaya CW key content using at least one of the reversible function fi(xi) sverhdorogaya calculated in the transmission system, if the element has aidata that is read locally at the receiver differs from the expected value, the inverse function of fi(yi) sverhdorogaya calculated and applied to sverhzaryadnom key CW content, will be false. In this case, the CW key content will not be revealed, and the resulting value will be CW, Otley�Noah from CW. The reversing block scrambling, use the value of CW for the processing of scrambled content, and therefore will not be able to eliminate him scrambling. The mismatch properties of Piservices, therefore, does not accurately disclose the CW key content and therefore does not resolve his scrambling.

Thus, if the transfer of several properties Pifor i equals 1 to n, are taken into account, they will be taken into account when taken in reverse order, that is, when i change from n to1.

If at least one of the set of pairs (xi,irepresenting the property Piwill not match the corresponding functions fi(xi) and fi(yi) sverhdorogaya will no longer have an inverse relationship, respectively, the disclosure of CW key content and the elimination of the scrambling of the content will be terminated with an error.

In the present preferred embodiment of the running swerhteplowoj CW key content of at least one function fi(xi) sverhdorogaya, characteristic properties of Piservices, is an advance encryption in the sense that it occurs in the method in accordance with the invention before encryption with the key To access the content in accordance with the prior technical�I. In an embodiment of the invention such swerhteplowoj performed after encryption with the key To access the content, and thus, it is the subsequent encryption.

In embodiments that use multiple sverhcheloveki, the latter may, in accordance with another variant of the invention to have at least one pre-encryption and at least one subsequent encryption, as defined above.

Preferably, the CW key content reveal only after the implementation of all properties Pifor i equals 1 to n.

In an embodiment of the method, in accordance with the invention, during transmission sverhkachestvennye key CW transmit content to the terminal is synchronized with the list of reference positions, representing a subset of the EP properties of Piservices that need to be checked, the corresponding elements of xifor i equals 1 to n, the data used for the calculation of fi(xi) sverhdorogaya and for data items yifor i equals 1 to n, are used to calculate the terminal inverse functions fi(yi) sverhdorogaya, and during the reception terminal sequentially applies the inverse of the functionfi-1(yi) to sverhzaryadnom the CW key content and receives as a result of the open key CW' for i varying from n to 1.

Introduction properties of Pifor i equals 1 to n, perform systematically or on a one-time basis.

The invention embodies the use of the platform for scrambling content scrambled with a key CW content, the encrypted key To access the content and supply at least one service operator, at least one receiving terminal, containing:

a means for configuring these services using the set containing the number of elements of the configuration data xifor i equals 1 to n, where each one defines a property Pifor i equals 1 to n, the context for the realization of the latter service terminal,

- encryption tool mentioned CW key content using at least one digital encryption values, calculated as a function of at least one item of configuration data xifor i equals 1 to n.

Receive-side scrambling eliminate content with platform removal scrambling containing:

- a means for restoring each of the digital values of xifor i equals 1 to n, the encryption used� function fi-1that is a change of the function fifor i equals 1 to n,

- a means to decrypt the CW key content

- a means to resolve the scrambling of the content using the key CW content.

It should be noted that the method in accordance with the invention allows the installation of the hardware and/or software configuration of services that support the supply of available content to the terminal, designed to be used not only to test the configuration of this service, but also for generating at least one key of sverhdorogaya submitted content so that any change of the above-mentioned configuration settings of the service leads to erroneous key content.

designation corresponds or not a service, so that, in this case represents only the consequence of the method in accordance with the invention that, in addition, has the advantage consisting in the fact that he has no known vulnerabilities to attacks of logical transitions due to tests.

Brief description of the drawings

Other characteristics and advantages of the invention will become apparent from the following disclosure, are presented as non-restrictive example with reference to the accompanying drawings, to�which:

- Fig. 1 schematically shows a conventional architecture for the distribution of scrambled content from the operator to the terminals connected to the operator via the communication system,

- Fig. 2 schematically shows a first variant of the method in the architecture of Fig. 1,

- Fig. 3 schematically shows a second variant of the method in the architecture of Fig. 1.

A detailed description of the invention

In the rest of the disclosure, identical references are used to designate elements common to the drawings illustrating the architecture of the prior art and for the different figures that illustrate the invention.

Fig. 2 schematically shows the General principle of the invention, consisting in respect of disclosure of key CW content with one or more elements of xifor i equals 1 to n, the configuration data, the services provided by the operator.

To this end, as shown in Fig. 2, the platform 2 scrambling module 20 has to sverhdorogaya CW key content before encryption key To access the content containing the n submodules 22ifor i=1 to n swedservay, where each sub-module 22icontains a procedure that must be selectively applied to the encrypted key CW reversible function fifor i equals 1 to n, having as its input parameter� element of x ifor i equals 1 to n, the data that represents the property Pi, i is from 1 to n, the context of use of these services by means of a terminal 4. This reversible function swedservay will be denoted as fi(xi).

It should be noted that the property Pifor i equals 1 to n, the services provided in the transmission with the use of xithe values specified by the operator, and at the time of their admission - corresponding values iniobtained by measurement or by calculation in the environment of the terminal 4.

Terminal 4 has, in addition to the agent 10 access control module 40 of the calculation is intended for selective application to sverhzaryadnom key CW inverse functionsfi-1(yi)for i equals 1 to n, swedservay, which is an inverse function of fi(xi),(i equals 1 to n used during transmission, for sverhdorogaya key CW. When xiand yimatch expected values,fi-1(yi)(fi(xi)(CW)=CW, if �the applicable two functions fi(xiandfi-1(yi)no longer are in an inverse relationship.

The computing module 40 has n computing submodules 42ifor i equals 1 to n, the purpose of which is to use a CW key content decrypted using the function F-1and at least one functionfi-1(yi)(i equals 1 to n, which is an inverse function of function fi(xi), i equals 1 to n, swedservay used in the platform 2 scrambling.

10 agent access control is arranged to feed the key To access the content and elements of yifor i equals 1 to n, data corresponding to the data xiused by the platform scrambling to calculate the key of fi(xi), i equals 1 to n, sverhdorogaya.

To this end, the operator transmits to the terminal 4 a reference to an element (elements) xifor i equals 1 to n, the data that were used during transmission to calculate the key of fi(xi), i is from 1 d� n, sverhdorogaya. EP refers to the subset of properties in Pithe service, which is required for validation.

While taking this subset EP links terminal 4 determines, by calculation or by measurement, the current value of yifor i equals 1 to n corresponding to the transmitted reference values, and applies one-to-one inverse functionsfi-1(yi)in the order of i is equal to n-1, K sverhzaryadnom the CW key. The CW result you get with this tool.

If the current value of yifor i equals 1 to n correspond respectively to the values expected by the operator, then the CW key value of the content reveal using CW, eliminating the scrambling of the content (as equivalent CW CW).

Otherwise, the value of CW key' content will be false and during the elimination of scrambling returns strange result (as different from CW CW) for the remaining sequence of processing of the contents during normal decoding.

It should be noted that the method in accordance with the invention provides the opportunity to consider the property Pifor i equals 1 to n services prior authorization and�use of the content.

It should also be noted that if the CW key content changes over time, which, in particular, occurs when the broadcast or transmission of the content "live", the values of xifor i equals 1 to n, can be adjusted for each transmission of a CW key content in accordance with modifications made for services or for the expected properties of the terminal 4.

In addition, the compliance properties of Pifor i equals 1 to n, can be checked systematically or on a one-time basis, or, in particular, randomly. If you check the properties of Pibe systematic, the calculation of the values of yion the terminal side may be hidden, and therefore there is no need to transmit the reference value of Piin the terminal.

In addition, the checked property should be appropriate to the type of broadcast content. If the CW key content will be transferred very widely for a variety of terminals, then the expected elements of yifor i equals 1 to n, the data, which respectively are representative of the properties of Pifor i equals 1 to n, the services should have the same corresponding views across the set of destination terminals. The mentioned elements yifor i equals 1 to n, the data are the values to which access can be directly implemented or to�which can represent the result of previous measurements or calculations (hashing, etc.). They can present a unique property or a combination of the coherent properties of services. They also must be formatted so that they can be used correctly by using inverse functionsfi-1(yi), i is from n to 1, swedservay CW key of the content with which they were associated.

These functions fi(xiandfi-1(yi)for i equals 1 to n, can be based on standard or proprietary cryptographic functions. Their complexity reflects a compromise between the expected level of protection and performance terminals. They can take the form of relatively simple functions, such as XOR summation, rearrangement or replacement, or re complex algorithms such as 3-DES or AES. The values of xiand yican imagine the state the same as the property Piwith different, albeit equivalent numerical values. In this case, fi(xiandfi-1( i)include calculations for reformatting data restoring strict equality between xiand yithat, therefore, allow you to use a simple definition offi-1(yi)on the basis of the fi(xi).

The link syntax EP elements xifor i = 1 to n, the data transmitted to the terminal 4 can be protected for masking in electronic communications Pifor i equals 1 to n, which the operator wishes to use. In this case, since the links do not necessarily change with every change of the key content transferred the links can be concatenated with a random value that changes each time you change the key content. The cryptogram links, thus, is different for each key of the content.

Fig.3 schematically illustrates the use of the method in accordance with the invention in an environment in which there are two security module, the security module chipset decoder 50 and protected chipset smart card 52.

In the environment of this type, the operator can dispense with�STS, designed for use between the different modules, in accordance with the order in which the cryptogram CW key content passes through these modules. Some properties can also be used in one of the modules to verify compliance with the properties of another module.

The method in accordance with the invention can also be used when exchanging data between two such modules, such as, for example, the receiving module content, considered as a transfer point, and the associated security processor, which is considered as the point of reception, in the sense of the method in accordance with the invention. Links to properties that must be checked, must be known, respectively (or should be referred to), each of these modules. While there is no requirement circulation of all properties in all interfaces between the different modules.

With reference to Fig.3, the platform 2 scrambling contains the submodule 22 swedservay that contains the procedure that is used for encrypted CW key of f1input parameter which is an element of x1data, denoted as fi(xi), which represents a property P1configuration of secure module chipset decoder 50. The decoder 50 is in mode, a read-only, the data item y1 corresponding to P1. The latter contains a sub-module 42 treatment designed for use for CW key content off1-1(y1)that is an inverse function to the function f1(x1) used in the platform 2 scrambling the input value which represents the value of y1submitted chipset decoder 50.

Terminal 4 chipset decoder 50 includes a computing module 40 containing sub-module 421 treatment intended to apply to supersexymodel key CWf1-1(y1)that is an inverse of a function f1used when transmitting to sverhdorogaya CW key.

If an element of y1data supplied by the chipset decoder 50, correspond to the elements of x1the data used in the platform scrambling as input the function f1this would mean that the property P1set by the operator is not satisfied. In this case, the value �of obsession CW key will not be disclosed to perform the decryption and removal scrambling makes the result incomprehensible to the rest of the sequence of processing of the content, usually decode.

In addition, in the example illustrated in Fig. 3, the platform 2 scrambling contains at least one sub-module 22kswedservay containing procedures for applying for CW key function is fkinput parameter which is an element of xkdata that represents a property Pkthe configuration of the protected module is protected chipset smart card 52.

The latter contains a sub-module 54ktreatment intended for application to key CW content functionfk-1(yk)that is an inverse function to the function fk(xk) used in the platform 2 scrambling the input value which represents the value of ykfiled in protected chipset smart card 52.

If an element of ykdata supplied to secure the chipset smart card 52 that correspond to the elements xkthe data used in the platform scrambling, as the input to the function fkthis would mean that the property Pkset by the operator is not satisfied. In this case, the CW key value of the content will not unfold and hook up�then perform the decryption and removal scrambling makes the result incomprehensible to the rest of the processing sequence of the content, usually decode.

In another embodiment of the invention method is used to protect the interface between the chipset decoder 50 and protected chipset smart card 52.

In this case, protected chipset smart card 52 includes at least one sub-module 54ifor i equals 1 to n, swedservay containing procedure intended for use for the encrypted key CW at least one function fiinput parameter which is an element of xidata that represents a property Pihardware and/or software configuration of the interface between the chipset decoder 50 and protected chipset smart card 52.

The module 40 calculation chipset decoder 50 includes at least one sub-module 42ifor i equals 1 to n, processing designed for use for CW key content of at least one functionfi-1(yi), i is from n to 1, which is an inverse for the function fi(xi), i equals 1 to n, used in secure chipset smart card 52.

If the element isidata supplied by CSR�decoder circuits 50, will not match the element xithe data used by sub-module 54iswedservay protected chipset smart card 52, the input function fiit would mean that the property Pihardware and/or software interface between the chipset decoder 50 and protected chipset smart card 52, specified by the operator is not satisfied. In this case, the value of CW key content will not be correctly decrypted and for Troubleshooting this is a strange result for the remaining part of the processing sequence of the content, usually decode.

The following Table discloses, as a permissive, properties Pia protected environment or external to the latter, which can be used by the method in accordance with the invention.

PropertyThe audit appointment propertiesAdvantage
The value representing the current characteristics of the protected environment of the terminal, typically protected module chipsetThe relevance of the current characteristics of the protected environment of the terminal (in accordance with ka�the programming, activated or deactivated functions (fixed JTAG boot loader is in protected mode, the indicator "is executed first run" (installation environment of the target terminal), encryption, active FLASH, encryption active RAM, etc.), number of keys, etc.)Compliance management reliable, unprotected environment of the terminal on the requirements of the security policy update control anti-mosc
...
The current status of A/V outputsCheck exits authorized for content (HDMI, HDD, Ethernet, Wifi, etc.)The E2E management of compliance of the content of the politics of redistribution
The current status of the protection mechanisms associated with A/V outputsActivation mechanisms of protected content for authorized conclusions (HDCP, DTCP-IP, CI+, SRTM, etc.)
...
Value representing authorized services and/or usage rights received by the agent access controlCompliance with authorized services (a list of identifiers of services on or associated�of aeratorov) and normality is obtained rights to use (number of rights, expiration of the rights, etc.)Compliance management access management agent to perform patch Management Anti-MOSC
...
A value that represents a list of the abolition associated with the protection mechanisms of the output of the A/VCompliance with the current version of the list of cancellations related to the mechanism of protection output A/V (HDCP, DTCP-IP, CI+, SRTM, etc.)
...
Value representing the current settings for accessing the service (s) operatorCompliance to current installations for access to the service (service operator) (address of the portal services, etc.)Compliance management services provided patch Management
A value representing the previous key content protectionRemoval of random access to the content (forced consumption of part of the contents of t typical ads for access to the next part or at least the beginning, etc.)
...

The method in accordance with the invention is applied to re�enum DRM (digital rights administration), and to the decisions of CAS (system access management) for services that can be linear (direct transmission) or not (VoD, etc.) and can be passed as individual sending the multicast or broadcast transmission.

It should be noted that the authenticity of the information transmitted to coordinate A/V outputs terminal is no longer required. Indeed, if the latter is correctly installed before disclosing key content, the latter will not be properly resolved scrambling.

It should also be noted that in the context of unicast services (VoD, etc.), if the user ID or terminal that has received a license or right, is also used as a means of disclosure, then this ID can be used as a valid label for the device for the formation of watermarks.

The method in accordance with the invention dynamically under the direct control of the operator services platform 2 scrambling. Take into account the properties of the service representative and their expected values can be applied over time in accordance with the requirements of the limitations and changes of deposits terminals targeted for the operator.

The process is strictly identical for all terminals, receiving the specified content, regardless of rela�lstout or not the value of the received data characteristics of their expected values. Thus, there is no validation and therefore any intermediate testing, and only the final value of the received key content helps or not correctly decrypt the content, or designates or not, consider that all characteristic data match expected values.

Using the method in accordance with the invention, increases the difficulty for an attacker who attempts to reveal the key content. This complexity is not based solely on knowledge of the key pre-installed in a protected environment of the terminal, but also depends on the hardware and software configuration used for the realization of services supplied.

In another embodiment of the method in accordance with the invention, revealing some of the blocks are dynamic and are changing the service or its compliance with respect to the given content. In this embodiment, access to the key content requires that the terminal was appropriate.

In addition, the protection end-to-end content protection agent access control or General protection services operator, can be matched with the protection of key content.

1. Method for content protection (6), scrambled with a key CW content transmitted is encrypted by using a key To access the content, distinguish�ISA, that the content served by the transmission system, at least one receiver terminal (4), by using the service, made locally in the receiving terminal, using the set of properties Pifor i equals 1 to n, is known for the transmission system, where each of the mentioned characteristics of the Pirepresented by the xithe data recorded in the data system, and using the local element of yidata from the local access is intended only for reading in said terminal, and that during the transfer mentioned method includes a step consisting in sverhcheloveki mentioned CW key content using at least one invertible function fi(xi) sverhdorogaya, which depends, at least one of the properties of Pifor i equals 1 to n, and when receiving disclose the value mentioned supersaturating key CW content, applying to supersexymodel key CW content-return functionfi-1(yi)superterrane corresponding to the property of Pi.

2. A method according to claim 1, also comprising the following stages:
during transmission
- define a non-empty subset of Piproperties (i equals 1 to n, which will be checked,
- perform superherofan mentioned key CW content, applying to the CW key of the content of the reversible function fi(xi) superterrane for each property Pifor i equals 1 to n, the subset of ER,
- transmit mentioned supercalifragi CW key of the content to the terminal (4),
and when you receive
- for each property Pibelonging to the mentioned subset of ER, read the local elementidata mentioned terminal representing mentioned are the property of Pi
- reveal the value mentioned supersaturating key CW content, applying to supersexymodel the CW key contents, inverse functionsfi-1(yi)superterrane for each property Pimentioned subsets EP, i equals 1 to n,
- remove the scrambling of the content through open value mentioned CW key content.

3. A method according to claim 2, wherein, if any one of the functionsfi-1(yi)calculated at reception not is the inverse of the corresponding function fi(xi) defined in the transmission, for the subset of EP, CW key content will not be revealed.

4. A method according to claim 2, wherein the key CW content reveal only after checking all the properties of Pifor i equals 1 to n.

5. A method according to claim 2, wherein when transmitting sverhkachestvennye key CW transmit content to the terminal (4) in synchronization with the above-mentioned subset of the EP, consisting of links on the properties of Pifor i equals 1 to n denoting the elements of xithe data used for the calculation of the reversible function fi(xi) sverhdorogaya and, accordingly, the elements of yidata intended for use for the calculation of the inverse functionsfi-1(yi)sverhdorogaya.

6. A method according to claim 4, wherein the verification of properties of Pifor i equals 1 to n, is performed systematically or on the basis of the on-off switch.

7. The receiver terminal (4), is arranged to receive the scrambled content supplied to at least one service provided by the method according to claim 1.

8. The recording medium containing recorded therein a computer program, characterized in that the movie contains instructions embodiment of the method according to claim 1, when it is performed with a computer.

9. The platform (2) for scrambling the content supplied to at least one receiver terminal (4), is capable of embodiment of the method according to any one of claims.1-7.



 

Same patents:

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to secret data transmission. A method of transmitting a data frame and an additional data item from a security processor to an external device comprises steps of: in response to receiving a request, the security processor calculating an additional data item, wherein the additional data item is a response to the request, selected from at least two possible alternatives of the response to the request; the security processor calculating delay time based on the calculated additional data item; delaying (98) the beginning of transmission of the data frame from the security processor to the external device by the calculated delay time for transmitting the additional data item.

EFFECT: facilitating secret transmission of data between a security processor and an external device.

15 cl, 8 dwg

FIELD: radio engineering, communication.

SUBSTANCE: to a complex of communication and control devices for mobile application there introduced are n-1 (n≥1) AWS, m-1 (m≥1) AWS, interface units of the first (10) and the second (19) types, separation filter unit (12), the second mobile radio station of omnirange of the first type (15), mobile radio station of omnirange of the second type (17), at least one modem (18), at least one switched telephone apparatus (20), the second switching equipment (2) that has the possibility of connecting a video surveillance system, as well as coder (3), voice communication unit (6) and antenna (16).

EFFECT: enlarging functional capabilities owing to increasing speed and protection of data transmission, collection of statistics on transmitted, received data, provision of internal voice communication between official bodies.

13 cl, 6 dwg

FIELD: information technology.

SUBSTANCE: method involves using a first set from one or more input encryption parameters for decrypting data in a received protocol data unit, wherein encrypted data were encrypted using a second set from one or more input encryption parameters; comparing the value of at least part of the decrypted data with an expected value; detecting, using a decryption control scheme, an encryption error if the value of at least part of the decrypted data does not match the expected value; and initiating an encryption resynchronisation procedure in response to the determination that there has been an encryption error, in order to resynchronise at least one input encryption parameter from the first set with at least one input encryption parameter from the second set.

EFFECT: solving problems of detecting and correcting encryption errors in a network not designed to support an encryption error correction procedure.

14 cl, 6 dwg

FIELD: information technology.

SUBSTANCE: based on each biometric parameter, the probability of "alien" data falling into a first interval of "own" data is determined; further all adjacent additional intervals are generated such that they yield probability of "alien" data which is close to probability of falling in the first "own" interval. The invention proposes to generate all intervals iteratively, while gradually increasing the first "own" interval up to the moment of the given approach of controlled probabilities of "alien" data falling into all selected intervals, and also up to the moment when probability of falling into most of the selected intervals approaches the given range of values of likely probabilities. The selected intervals are numbered. A biometric code sequence is generated from the numbers and that sequence is hashed.

EFFECT: uniformity of output hashing codes under the effect of "alien" biometric data and unambiguity of the output code under the effect of "own" biometric data.

5 cl, 5 dwg

FIELD: information technologies.

SUBSTANCE: cryptosynchronisation parameter is generated based on fields related to the following: data packet segmentation; a flow related to transfer of data packet; counting of route related to data packet transfer. At the same time at least one of fields has alternating length.

EFFECT: reduced overheads for transfer of cryptosynchronisation parameter.

18 cl, 5 dwg

FIELD: physics; communication.

SUBSTANCE: invention relates to a device and a method of encoding/decoding a signal in a communication system. Second encoding information is generated in a communication system using first encoding information when transmission data are generated. The data are encoded using second encoding information and third encoding information. The first encoding information corresponds to a rolling counter. The rolling counter receives an increment when the number of the communication system frame increases. The third encoding information is a traffic encryption key (MTK) for group and broadcast services (MBS). A signal containing encoded data and first encoding information is generated and transmitted.

EFFECT: design of a device and a method for encoding/decoding a signal used to avoid conflict between initial counter values when an advanced encryption standard (AES) counter mode is used in a modern IEEE 802,16 communication system.

12 cl, 6 dwg

FIELD: physics; radio.

SUBSTANCE: invention relates to radio engineering and specifically to information transmission in a communication network. The technical outcome is achieved due to that, at the transmitting side each message block is presented in form of a first number Y, which, using a hash function and a private key K and an initial vector v known at reception and transmission, is transformed to a second number Z with a considerably larger numerical interval than values of Y. The sequence of numbers Z is then transformed to a second sequence of digital numbers E, each of which is a prediction error which is then interpolated into an analogue signal E(t) and transmitted to a recipient. At the receiving side, the received signal E(t) is time-quantised to a second sequence of digital numbers E, which, using the same prediction as on the transmitting side, is converted to the sequence of second numbers Z, which is transformed to the sequence of first numbers Y via inverse transformation of the hash function. The obtained numbers Y are presented in form of a sequence of blocks, obtaining the transmitted binary information signal as a result.

EFFECT: improved electromagnetic compatibility inside a wireless communication system, improved information security of transmitted messages, possibility of operating with radio equipment of previous generations.

1 dwg

Safety of messages // 2373653

FIELD: communication facilities.

SUBSTANCE: invention elates to field defense data network, particularly to transmission methods of electronic messages, preferentially emails. Essence of invention is that from the first user, allowing the first terminal, to the second user, allowing the second terminal, it is transmitted email in encode form by the first terminal. Encoded email is ciphered by means of key, formed by the first key gun, using seed; provide to the second user seed for formation of key by means of the second key gun, provided in the second terminal; it is provided and saved seed in the second terminal; it is used seed by the second terminal for generation of key each time, when it is received scrambled email from the first user to the second user; synchronise value of metre in each terminal; and is generated key on the basis of seed and value of metre in each terminal, independently of the other terminal.

EFFECT: providing protection in email transmission system without necessity of reuse of passwords or personal keys.

25 cl, 4 dwg

FIELD: radio engineering, information transfer technologies, possible use in communication systems for interference-resistant transmission of digital information with certain degree of confidentiality.

SUBSTANCE: in accordance to method, original chaotic determined signal is generated by first chaos generator, transferred via communication channels, received and divided onto two identical signals, while first signal affects second generator with possible production of signal, synchronized to original signal, subtracted from which is second signal, producing useful digital signal, and generation of signal is realized by modulating parameters of chaotic signal by useful one, and second identical signal affects third generator, identical to second one in terms of control parameters, while first and second generators are picked with possible setup of generalized chaotic synchronization mode.

EFFECT: increased reliability of method for secret transfer of information while simplifying its realization with usage of determined chaotic signals.

6 dwg

FIELD: radio engineering, possible use for increasing structural and informational concealment of digital signal being transmitted, and also for increasing resistance of radio communication systems to interference.

SUBSTANCE: in the method for transmitting and receiving discontinuous information with pseudo-random signals computation of autocorrelation functions of input pseudo-random signals is performed during time, equal to duration of code combination τk, resulting in n times increased signal/noise ratio at output of correlators, while information message itself is not transmitted via radio line. In the method for transmitting and receiving discontinuous information with pseudo-random signals, signals of binary code combination by means of encoder are transformed to signals of encoded code combinations, then to each encoded code combination appropriate pseudo-random signal number is assigned, and combinations are transmitted via radio channel at bearing frequency during time, equal to its duration τk, while receipt and processing of these pseudo-random signals is performed by means of correlators, number of which is equal to number of pseudo-random signals being transmitted with processing time of each one being equal to duration of code combination τk, as a result of which video impulses are generated, by means of which from memory device appropriate encoded code combinations are read, which are transformed by decoder to code combinations of digital signal being transmitted in accordance to provided encoding rule, which are then added together and digital signal being transmitted is produced at output of receiving device.

EFFECT: increase resistance of digital signal receipt to interference, and also increased informational and structural concealment.

1 dwg

FIELD: information technology.

SUBSTANCE: method includes steps of: a transmitter using an operating key and an encryption algorithm executable code in a virtual mother card to encrypt a control word CWt to obtain a cryptogram CWt*, using a syntax constructor executable code in the virtual mother card to generate an ECM (Entitlement Control Message) that incorporates the cryptogram CWt*, and transmitting said ECM to a terminal; the terminal receiving the ECM, determining the location of the cryptogram CWt* in the received ECM using syntax analyser executable code and then decrypting the cryptogram CWt* using the operating key and the encryption algorithm.

EFFECT: safer data transmission.

14 cl, 6 dwg

FIELD: radio engineering, communication.

SUBSTANCE: invention relates to a broadcast encryption method. The technical result is achieved through a method of controlling decoders of at least one group of decoders, having access to audiovisual data, wherein the method comprises the following steps: at a step when the decoder should become a member of a group: obtaining and storing keys relating to a certain position in the group according to the broadcast encryption scheme; obtaining and storing current group access data containing at least the current group access key which is common for said group at the step of accessing the audiovisual data: using the current group access data for direct or indirect access to audiovisual data, at the step of updating the current group access key: transmitting a first group message containing at least the next group access data containing at least the next group access key encrypted such that only uncancelled decoders can gain access thereto, wherein said group message is further encrypted by the current group access key (CGK); updating the current group access key using the next group access key.

EFFECT: high efficiency of controlling access to broadcast content for a large number of subscribers by controlling access only based on keys.

5 cl, 4 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to computer engineering. The invention can be implemented in a conditional access content broadcast system where it is desirable to identify and take measures against receiving equipment, applied when sharing control words. Owing to the requirement that receiving equipment used in the system transmits to a transmission station a conditional access content message at a precisely defined time, the invention provides a method through which a server identifies receiving equipment participating in the sharing of control words and prevents said receiver from further accessing said content.

EFFECT: effective protection of transmitted content.

12 cl, 2 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to cryptography. A chipset function activation method includes: receiving at least one of the following elements: a segmentation key, a general purpose key and a global cryptographic algorithm selector; transmitting at least two of the following elements: an initial value, the obtained segmentation key, the general purpose key and the global cryptographic algorithm selector to a computation module, wherein the initial value, the obtained segmentation key, the general purpose key and the global cryptographic algorithm selector are provided by at least two different organisations; generating in the computation module a temporary key using one of the following elements: at least one cryptographic algorithm of the computation module and at least two elements selected from a group including the initial value, the segmentation key, the general purpose key and the global cryptographic algorithm selector; receiving an activation message using the computation module; receiving an authentication code of said message using the computation module, wherein said message authentication code is calculated using the temporary key; authenticating said received message using the message authentication code and the temporary key; if the received message is authentic, activating the corresponding chipset function; if the received message is not authentic, prohibiting activation of said corresponding chipset function.

EFFECT: effective chipset protection.

11 cl, 1 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to information decryption methods. The method comprises steps of, in response to the absence in any of the terminals of one or more control words CWc for decrypting one or more multimedia content cryptoperiods, transmitting through said terminal to a control word server a request containing a cryptogram(s) of said one or more absent control words, and in response, transmitting by the control word server to said terminal said one or more absent control words, wherein the control word server selectively determines for each terminal the number of additional control words CWs intended for transmission to the terminal depending on the probability of compromising the protection of said additional control words, and besides the absent control words CWc, transmitting to said terminal said determined number of additional control words CWs, which enables the terminal to decrypt additional multimedia content cryptoperiods in addition to cryptoperiods decrypted using the requested absent control words CWc.

EFFECT: ensuring secure transmission of control words.

10 cl, 6 dwg

FIELD: radio engineering, communication.

SUBSTANCE: apparatus comprises: a unit which stores a key used for encrypting or decrypting data; a unit which receives a key transmission request including a key-dividing number via a wireless signal from an operation terminal; a unit which acquires a key transmission request from the wireless signal received by the reception section; a unit which determines a security level when transmitting the key to the operation terminal, as a transmission security level; a unit which determines a transmission power in accordance with the transmission security level determined by the security level determination unit and the key-dividing number included in the key transmission request acquired by the key transmission request acquisition unit; a unit which acquires each key fragment by dividing the key stored in the storage unit into the key-dividing number; and a unit which transmits the each key fragment acquired by the key acquisition unit using the transmission power determined by the transmission power determination unit, via a wireless signal to the operation terminal.

EFFECT: safer data transmission.

15 cl, 9 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to a network operation method. A network comprises a node and a system control device. A system control device comprises a root key material which is a set of functions, each having a degree of complexity α, and a node is provided with a portion of key material of a node having a degree of complexity α extracted from the root key material. The system control device generates a portion of key material for an external user with a degree of complexity α from the root key material and generates an access identifier. The system control device generates access key material with a degree of complexity less than α from the portion of key material for the external user and generates a node identifier. The system control device provides the external user with a portion of access key material and the node identifier. The external user extracts a key from the portion of access key material and sends to the node said key and access identifier. The node calculates a key from the access identifier and the portion of node key material and compares the key sent by the external user and the key calculated by the node in order to identify the external user.

EFFECT: improved security.

14 cl, 4 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to methods of providing secure communication in a network. The method comprises: an administration device provided with root keying materials, and steps of: generating, by the administration device based on the root keying materials, parts of keying material of a first node containing a certain number of sub-elements, and parts of keying material of the first node, assembled for generating a first terminated key, the administration device selects a subset of sub-elements of the first parts of the keying material, wherein the number of selected sub-elements is less than or equal to the total number of sub-elements of the first parts of the keying material, and the selected sub-elements form partial parts of the keying material of the first node or a symmetrical key generation mechanism, the first node generates, based on the symmetrical key generation mechanism of the first node and on a second node identifier, a first key used to provide secure communication with a second node.

EFFECT: more secure data transmission in a network.

6 cl, 7 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to computer engineering and specifically to means of secure communication in a network. The method relates to secure transmission of information from a first node (N1) to a second node (N2) in a network, the first node comprising a first node keying material (KM(ID1)), the second node comprising a second node keying material (KM(ID2)), wherein the keying materials of the first node and of the second node comprise each a plurality of shared keying root parts formed by segments of the shared keying root parts. A communication network, having at least two communication devices, carries out said method.

EFFECT: safer communication by dividing keys into segments for predistributed keying material according to a variable distribution.

13 cl, 5 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to computer engineering. A method of controlling access to a set of channels using a receiver/decoder comprising a security module (SC), each channel being encrypted by a specific channel control word (CW1, CW2), each channel having a channel identifier and transmitting access control messages ECM containing at least the current channel control word and the channel access conditions. The method comprises the following steps: tuning to a first channel having a first channel identifier (ID1); transmitting the ID1 to the SC; receiving first access control messages ECM1 containing a first control word (CW1); transmitting the first access control messages ECM1 to the SC; decrypting the first access control messages ECM1 and verifying the channel access conditions; if the access conditions are met; transmitting the CW1 to the receiver/decoder; storing of the CW1 and the ID1 in the SC; tuning to a second channel having a second channel identifier ID2; transmitting the ID2 to the SC; calculating, by the SC, the second control word (CW2) by performing the following steps: calculating a root control word (RK) with an inverse cryptographic function F-1 using the CW1 and the ID1; calculating the CW2 with the cryptographic function F using the RK and the ID2; transmitting the CW2 to the receiver/decoder.

EFFECT: reducing channel switching time when a user selects another channel.

9 cl, 3 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to a method and a system for restoring domain management. The method comprises steps of: registering one or more characteristics of the domain at a domain registration server by a first domain management device before the first domain management device discontinues the management of the domain, wherein the domain registration server is configured to create domains and provide the right to manage a domain, and the first device is configured to tie a device to a domain, sending a request for obtaining the right to manage the domain from a second domain management device to the domain registration server, providing, by the domain registration server, the right to manage the domain together with at least one of the registered one or more characteristics of the domain to the second domain management device.

EFFECT: providing reliable restoration of a damaged domain.

15 cl, 4 dwg

Up!