Signal processing method and device

FIELD: access control systems.

SUBSTANCE: the proposed signal processing method involves receiving a digital input signal that includes a first scrambled signal component and a second scrambled signal component; coupling the input signal to a removable smart card unit, which processes the first scrambled signal component to generate a first descrambled signal that is internal to the smart card unit, processes the second scrambled signal component in response to the first descrambled signal to generate a second descrambled signal, and combines the first scrambled signal component of the input signal with the second descrambled signal to produce an output signal; and receiving the output signal from the smart card unit and processing the second descrambled signal to produce a signal suitable for display.

EFFECT: improved control of access.

1 cl, 9 dwg

 

This invention relates to access control systems that include an integrated circuit (IC) card, or smart card, to restrict access to information in signal processing applications. Systems such as pay-television systems include access control subsystems that limit access to certain programs or channels. Only authorized users (e.g., users who have paid a fee) are permitted to view the programs. One approach to limiting access is to modify the signal, for example by scrambling or encryption. Scrambling usually involves modifying the waveform of the signal using methods such as removing synchronization pulses. Encryption modifies the information components contained in the signal in accordance with a specified cryptographic algorithm. The key needed to descramble or decrypt the signal is given only to persons who are authorized to have access. As used below, the terms "scrambling" and "descrambling" refer to access control methods in general, including encryption and scrambling.

The access control system can include an integrated circuit (IC) card, or smart card. A smart card is a plastic card the size of a credit card with a signal processing IC embedded in the plastic. The smart card is inserted into a card reader, which couples signals to and from the IC in the card. International Organization for Standardization (ISO) standard 7816 establishes the specifications for the IC card interface. In particular, according to ISO 7816-2, the electrical interface to the card is made through eight contacts arranged on the surface of the card, as shown in Figure 2A. Six of the eight signals at the contact points are defined as VCC (supply voltage), RST (reset signal), CLK (clock signal), GND (ground), VPP (programming voltage for programming memory in the card IC) and I/O (serial data input/output). Two contacts are reserved for future use. The assignment of signals to the smart card contacts is shown in Figure 2B.

The IC in the smart card processes data such as security control information as part of the access control protocol. The IC includes a control microcomputer, such as the 6805 processor from Motorola Semiconductor, Austin, Texas, which includes ROM, EEPROM and RAM. The processor performs various security control functions, such as entitlement management and generating the key for descrambling the scrambled information components of the signal.

Entitlement management involves modifying information stored in the card that specifies the card owner's entitlements (i.e., the programs and services the user is entitled to access). The processor adds and removes entitlements in response to entitlement information in entitlement management messages (EMM) contained in the input signal. EMM data usually indicates entitlement to a particular service, for example all the programs on a given channel, or to a specific program offered by a service, for example one film on a channel. Because EMM relates to relatively long-term entitlement, EMM usually occurs infrequently in the signal.

Once there is entitlement to a service or program, descrambling of the service or program can occur only after a descrambling key has been generated. Key generation occurs in response to entitlement control messages (ECM), which are also contained in the input signal. ECM provides initialization data for the key generation routines executed by the processor. Each time a service changes the scrambling key, ECM data is included in the signal so that a system that is entitled to access can generate the corresponding new descrambling key. To prevent unauthorized access to scrambled signals, the key is changed frequently, for example every two seconds. Thus, ECM data occurs frequently in the signal.

EMM and ECM data is transferred to the smart card for processing via the serial I/O terminal of the ISO 7816 interface. The serial I/O terminal is also used to transfer the generated key from the card to a descrambler in the video signal processing channel. The descrambler descrambles the information component of the input signal, such as video and audio data, using the key to produce a descrambled, or "plaintext", output signal. Descrambling reverses the scrambling process, for example by reinserting synchronization pulses or by decrypting data using the inverse of the encryption algorithm. The descrambled signal is processed further by the signal processing channel to produce video and audio signals suitable for coupling to output devices such as a CRT and a loudspeaker, respectively.

Including a descrambling function in the video signal processing channel involves adding descrambling hardware to the system. The hardware can be included in a consumer electronics (CE) device, such as a television receiver, or it can be in a separate decoder unit, such as a cable box. Including descrambling hardware in a CE device or a separate decoder unit dedicates the device to a particular access control system. For example, the hardware may be suited to descrambling only a particular type of scrambling algorithm. If the service provider decides to change to a different access control system, for example because of security problems, replacing the descrambling hardware involves the costly and difficult task of modifying CE devices and/or replacing decoder units.

In addition, transferring data between the smart card and the system that uses the smart card gives a hacker an opportunity to attack the security system. Because the security control IC is embedded in the smart card, a hacker cannot access the IC directly as part of an attempt to "hack", i.e. defeat, the security algorithm. Attempting to delaminate the smart card to gain access to the IC will destroy the IC. However, a hacker can monitor the transfer of data between the smart card and other parts of the system. By monitoring the data, a hacker can intercept key data being transferred to an external descrambler, thereby compromising the access control system. Similarly, a hacker can monitor the transfer of entitlement data to and from the smart card. By detecting changes between the entitlement data entering the smart card and the entitlement information leaving the smart card, a hacker can obtain information about the access control algorithm used in the smart card.

This invention resides, in part, in recognizing the described problems and, in part, in providing a solution to them. In accordance with one aspect of the invention, a smart card processes first and second signal components of an input signal to produce corresponding first and second processed signals. The second processed signal is combined with the first signal component of the input signal to produce an output signal from the smart card.

In accordance with another aspect of the invention, the first signal component of the input signal is combined with the second processed signal so as to produce a predetermined timing relationship between the first signal component and the second processed signal in the output signal.

In accordance with another aspect of the invention, the first signal component of the input signal is delayed before being combined with the second processed signal, so that the output signal exhibits the predetermined timing relationship.

In accordance with another aspect of the invention, the predetermined timing relationship is substantially the same as the timing relationship between the first and second signal components of the input signal.

In accordance with another aspect of the invention, the first signal component of the input signal is delayed by a first-in first-out (FIFO) memory device included in the smart card before being combined with the second processed signal.

In accordance with another aspect of the invention, the first and second signal components of the input signal include scrambled information. The first and second processed signals include descrambled information corresponding to the scrambled information in the first and second signal components of the input signal.

In accordance with another aspect of the invention, the first signal component of the input signal includes scrambled entitlement data for a pay-access service, such as a pay-TV channel, and the second signal component of the input signal includes scrambled data provided by the pay-access service provider, such as scrambled video or audio data.

The invention can more clearly be understood when referring to the accompanying drawings, in which:

Figure 1 shows, in block diagram form, a signal processing system including a smart card that provides entitlement processing and descrambling;

Figure 2A shows the location of the signal contacts on the surface of a smart card in accordance with ISO standard 7816-2;

Figure 2B shows the assignment of smart card interface signals to the signal contacts shown in Figure 2A in accordance with ISO standard 7816-2;

Figure 3 shows a format that data included in a signal processed by the system of Figure 1 may have;

Figure 4 shows, in block diagram form, an embodiment of signal processing functions included in a smart card suitable for use with the system of Figure 1;

Figures 5 to 8 show signal routing through the smart card of Figure 4 during different operating modes of the system of Figure 1.

An embodiment of a smart-card-based access control system according to the invention is described below with reference to an exemplary video signal processing system, shown in block diagram form in Figure 1. The system shown in Figure 1 includes signal processing functions that can be found in various signal processing systems. A specific example is the DSS direct-broadcast satellite television system developed by Thomson Consumer Electronics, Inc. In an example of a pay-TV service with a smart-card-based access control system, a user who wishes to purchase the service contacts the service provider, pays a service access fee and receives a smart card. The card is issued to the user with initial entitlement information stored in the card's EEPROM. The entitlement information may include data identifying the user and data specifying the scope of the initial access entitlement (e.g., the duration and/or the specific programs the user has paid for). In addition, application-specific key generation software is stored in the card's memory.

The entitlement information stored in the card can be modified remotely by the service provider using entitlement management messages (EMM) and entitlement control messages (ECM) that are inserted into portions of the signal. EMM includes information indicating the subscription (long-term access) and pay-per-view (single-program access) services the user has paid for. EMM can be directed to a particular smart card by including in the EMM data identification information that matches identification information stored in that particular smart card. ECM includes data such as the initialization data needed to generate descrambling keys. Thus, the signal for a particular program includes both a scrambled data component containing video and audio data and a control information component containing ECM and EMM.

When the user wishes to access a pay-TV service, smart card 180 of Figure 1 is inserted into card reader 190. Card reader 190 couples signals between smart card 180 and the signal processing channel comprising units 100 to 170 in Figure 1. More specifically, card reader 190 connects to the eight terminals located on the surface of smart card 180 as specified in ISO standard 7816-2 (see Figure 2). The connection established by card reader 190 creates interface 187 between smart card 180 and the signal processing channel. In accordance with an aspect of the invention described below, the eight signals in interface 187 include signals 184, a high-speed data input/output port for smart card 180, and signals 182, a subset of the ISO-standard IC card interface signals.

The desired program or service is selected by tuning the receiver to the appropriate channel using tuner 100. Tuner 100 is controlled by microcontroller 160 in response to user input. For example, microcontroller 160 may receive channel selection signals from a remote control (not shown in Figure 1) operated by the user. In response to the channel selection signals, microcontroller 160 generates control signals that cause tuner 100 to tune to the selected channel.

The output of tuner 100 is coupled to forward error corrector (FEC) 110. FEC 110 monitors error control information, such as parity bits, in the tuned signal to detect errors and, depending on the error control protocol, to correct them. Microcontroller 160 is coupled to FEC 110 to monitor the occurrence of errors in the signal and to control error processing. FEC 110 also performs an analog-to-digital conversion (ADC) function, converting the analog output of tuner 100 into a digital signal at the output of FEC 110.

Transport unit 120 processes the signal from FEC 110 to detect and separate the different types of data in the tuned signal. The data in the signal can be arranged in various formats. Figure 3 shows an exemplary data format that serves as the basis for the following description. The signal shown in Figure 3 comprises a stream of data organized in packets of data bytes, i.e. "packetized" data. Each packet is associated with a particular type, or sub-stream, of information in the data stream of the tuned channel. For example, the signal includes packets of program-guide information, control information (e.g., ECM or EMM), video information and audio information. The sub-stream to which a particular packet belongs is defined by data in the header of each packet. The payload of each packet contains the packet data. In the exemplary data format shown in Figure 3, each packet contains two bytes (16 bits) of data in the header and 186 bytes of data in the payload.

The first twelve bits of the header of each packet are program identification (PID) data bits. The PID data identifies the data sub-stream to which the payload data belongs. An example of the information provided by the PID data is given in Table 1.

TABLE 1
PID value    Payload content
1            program-guide information
4            EMM
10           video data for channel 101
11           audio data for channel 101

Other PID values identify video and audio data for other channels.

As part of the tuning process, microcontroller 160 refers to a PID "map" stored in the microcontroller's memory to determine the PID values associated with the tuned channel. The appropriate PID values are loaded into PID registers in transport unit 120. For example, when channel 101 is selected, microcontroller 160 accesses the stored PID map, determines that the video data and audio data for channel 101 are associated with PID values 10 and 11, respectively, and loads the values 10 and 11 into the respective video and audio PID registers in transport unit 120. The PID data in incoming packets is compared with the PID values stored in the PID registers to determine the content of each packet's payload. Microcontroller 160 can update the PID map data in response to the PID-to-channel correspondence information in "program-guide" packets (PID value equal to 1).

The last four bits of the header of each packet further define the content of the payload as follows (see Table 2):

TABLE 2
Header bit   Designation   Function
13           ECM flag      indicates whether the payload is ECM
14           -             reserved
15           ENC flag      indicates whether the payload is encrypted
16           Key flag      indicates whether the payload key is key A or key B

An active ECM flag, e.g. at logic 1, indicates that the payload includes ECM data, such as initialization data for key generation. An active ENC flag indicates that the payload is encrypted and therefore must be descrambled. The key flag determines which of two keys, key A or key B, should be used to descramble the payload (e.g., logic 0 indicates key A and logic 1 indicates key B). Use of the key flag is described below with reference to Figure 7.

Transport unit 120 of Figure 1 extracts and processes the header data in response to the packet clock signal shown in Figure 3. The packet clock signal is generated and synchronized to the data stream by FEC 110. Each transition of the packet clock signal indicates the start of a packet. Transport unit 120 processes the 16 bits of header data following each transition of the packet clock signal to determine the destination for the packet payload. For example, transport unit 120 transfers payloads containing EMM (PID value equal to 4) and ECM to security controller 183 in smart card 180 via microcontroller 160. Video and audio data is directed to demultiplexer/descrambler 130 for descrambling and demultiplexing into video and audio signals. Program-guide data (PID value equal to 1) is directed to microcontroller 160 for updating the PID map.
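The header layout of Tables 1 and 2 and the routing decision made by the transport unit, as an added example that is not part of the patent text. The bit order (header bit 1 taken as the most significant bit of the first header byte), the discarding of packets whose PID is not loaded in a register, and all type and function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define HEADER_BYTES  2
#define PAYLOAD_BYTES 186
#define PACKET_BYTES  (HEADER_BYTES + PAYLOAD_BYTES)

enum { PID_GUIDE = 1, PID_EMM = 4 };   /* PID values from Table 1 */

typedef struct {
    uint16_t pid;   /* header bits 1-12: program identification */
    int ecm;        /* bit 13: payload is ECM */
    int enc;        /* bit 15: payload is encrypted */
    int key_b;      /* bit 16: 0 = key A, 1 = key B */
} pkt_header;

/* PID registers loaded by the microcontroller when a channel is tuned. */
typedef struct { uint16_t video_pid, audio_pid; } pid_registers;

typedef enum {
    DEST_DISCARD,              /* assumption: PIDs of untuned channels are ignored */
    DEST_MICROCONTROLLER,      /* program guide, used to update the PID map */
    DEST_SECURITY_CONTROLLER,  /* EMM / ECM, handed to the smart card */
    DEST_DESCRAMBLER           /* video / audio */
} pkt_dest;

typedef struct {
    pkt_dest dest;
    int descramble_first;  /* encrypted EMM/ECM is descrambled before the card sees it */
} pkt_route;

/* Assumed bit order: header bit 1 is the MSB of the first header byte. */
int parse_header(const uint8_t *pkt, size_t len, pkt_header *h)
{
    if (pkt == NULL || h == NULL || len != PACKET_BYTES)
        return -1;                      /* reject short or oversized packets */
    uint16_t w = (uint16_t)((pkt[0] << 8) | pkt[1]);
    h->pid   = (uint16_t)(w >> 4);
    h->ecm   = (w >> 3) & 1;
    h->enc   = (w >> 1) & 1;            /* bit 14 (w >> 2) is reserved */
    h->key_b = w & 1;
    return 0;
}

pkt_route route_packet(const pkt_header *h, const pid_registers *regs)
{
    pkt_route r = { DEST_DISCARD, 0 };
    int tuned_av = (h->pid == regs->video_pid || h->pid == regs->audio_pid);

    if (h->pid == PID_GUIDE) {
        r.dest = DEST_MICROCONTROLLER;
    } else if (h->pid == PID_EMM || (tuned_av && h->ecm)) {
        /* ECM can ride in any packet type, so the ECM flag overrides the PID. */
        r.dest = DEST_SECURITY_CONTROLLER;
        r.descramble_first = h->enc;
    } else if (tuned_av) {
        r.dest = DEST_DESCRAMBLER;
    }
    return r;
}

/* Build a constructed sample packet (not captured data). */
void make_packet(uint8_t *pkt, uint16_t pid, int ecm, int enc, int key_b)
{
    uint16_t w = (uint16_t)(((pid & 0x0FFF) << 4) | (ecm << 3) | (enc << 1) | key_b);
    pkt[0] = (uint8_t)(w >> 8);
    pkt[1] = (uint8_t)(w & 0xFF);
    memset(pkt + HEADER_BYTES, 0xA5, PAYLOAD_BYTES);
}

int main(void)
{
    static const char *names[] = { "discard", "microcontroller",
                                   "security controller", "descrambler" };
    const uint16_t pids[] = { 1, 4, 10, 11 };
    const int flags[][3] = { {0, 0, 0}, {0, 1, 0}, {0, 1, 1}, {1, 0, 0} };
    pid_registers regs = { 10, 11 };    /* channel 101 */
    uint8_t pkt[PACKET_BYTES];
    pkt_header h;

    for (size_t i = 0; i < 4; i++) {
        make_packet(pkt, pids[i], flags[i][0], flags[i][1], flags[i][2]);
        if (parse_header(pkt, sizeof pkt, &h) != 0)
            return 1;
        pkt_route r = route_packet(&h, &regs);
        printf("PID %2u -> %s%s\n", (unsigned)h.pid, names[r.dest],
               r.descramble_first ? " (after descrambling)" : "");
    }
    return 0;
}
```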

Security controller 183 processes EMM and ECM data to provide access control functions, including entitlement management and key generation. Security controller 183 is included in integrated circuit (IC) 181 and comprises a microprocessor, such as the 6805 processor from Motorola. Entitlement management includes processing EMM data to determine how and when the entitlement information stored in IC 181 is to be modified, i.e. entitlements added or removed. ECM data provides the initial values that security controller 183 needs to generate descrambling keys. After being generated by security controller 183, a key is transferred via microcontroller 160 to descrambler 130, where the scrambled data component of the input signal, e.g. the video and audio program data from the tuned channel, is descrambled. In accordance with principles of the invention described below, the descrambling function may also be provided by descrambler 185 included in IC 181.

The descrambled video and audio data is decompressed by video decompressor 140 and audio decompressor 145, respectively. Program data is compressed at the program source using any of a variety of known data compression algorithms. Decompressors 140 and 145 reverse the effect of the data compression algorithm.

The outputs of video and audio decompressors 140 and 145 are coupled to respective video and audio signal processors 150 and 155. Audio signal processor 155 may include functions such as stereo signal generation and digital-to-analog conversion for converting the digital output signal of decompressor 145 into an analog audio output signal (AOUT) from processor 155 that can be coupled to a loudspeaker (not shown in Figure 1). Video signal processor 150 also includes a digital-to-analog conversion capability for converting the digital output of decompressor 140 into an analog video output signal (VOUT) suitable for display on a display device such as a kinescope. Video processor 150 also provides the signal switching needed to insert an on-screen display (OSD) signal, produced by OSD processor 170, into signal VOUT. The OSD signal represents graphics information, such as a channel number display, that is to be included in the displayed image. Video switches in video processor 150 multiplex the OSD signal into signal VOUT as required to produce the desired display. The operation of OSD processor 170 is controlled by microcontroller 160.

Returning to the access control features of the system of Figure 1, the features and functions of smart card 180 may be better understood by referring to the block diagram of smart card IC 181 shown in Figure 4. Reference numerals in Figure 4 that are the same as in Figure 1 indicate the same or similar features. As shown in Figure 4, integrated circuit (IC) 181 includes security controller 183 comprising central processing unit (CPU) 421, RAM 426, ROM 425, EEPROM 423 and serial I/O unit 424. CPU 421 is a processor such as the 6805 from Motorola. Key generation and entitlement management software is stored in ROM 425 and EEPROM 423.

Data specifying the current entitlements is also stored in EEPROM 423 and is modified in response to information in entitlement management messages (EMM) in the received signal. When an EMM packet is detected by transport unit 120 of Figure 1 (packet PID value equal to 4), microcontroller 160 of Figure 1 transfers the packet payload to security controller 183 via serial I/O unit 424. CPU 421 transfers the EMM data in the payload to RAM 426. CPU 421 processes the EMM data and modifies the entitlement data stored in EEPROM 423 accordingly.

A packet payload that includes an entitlement control message (ECM), as indicated by an active ECM flag in the packet header, is transferred from transport unit 120 to security controller 183 via microcontroller 160 and serial I/O unit 424. ECM may be included in any type of packet, for example EMM, video or audio packets. ECM data is used to generate the descrambling key for a particular type of data. For example, ECM data in an EMM packet is used to generate an EMM descrambling key. When transferred to security controller 183, ECM data is stored in RAM 426 until processed by CPU 421. Key generation software stored in EEPROM 423 and ROM 425 is executed by CPU 421 using the ECM data in RAM 426 to generate a particular key. ECM data provides information such as the initial values required by the key generation algorithms. The resulting key is stored in RAM 426 until transferred by CPU 421 to descrambler 130 via serial I/O unit 424 and microcontroller 160.

EMM and ECM data may be encrypted, as indicated by an active ENC encryption flag in the packet header. Encrypted data is transferred from transport unit 120 to descrambler 130 for descrambling before being transferred to security controller 183 for entitlement management or key generation processing.

The features and operation of IC 181 described so far are typical of known smart card systems. As stated above, however, using a descrambling unit external to the smart card, such as descrambler 130, substantially degrades system security and makes changing the descrambling hardware undesirable. The arrangement shown in Figures 1 and 4 includes features that significantly improve security compared with known smart card systems. In particular, IC 181 of smart card 180 includes descrambler unit 185 and a high-data-rate synchronous interface 184 comprising separate serial data input and serial data output lines. The combination of descrambler 185 and interface 184 makes it possible for all access control processing to occur within smart card 180.

As shown in Figure 1, card reader 190 couples both ISO-standard interface signals 165 from microcontroller 160 and high-speed interface signals 125 from transport unit 120 to smart card 180 via the portions of smart card interface 187 labelled 182 and 184, respectively. Figure 4 shows the signals included in interface 187. ISO signals 182 comprise the power, ground, reset and serial I/O signals in Figure 4 (corresponding to VCC, GND, RST and I/O in Figure 2B). High-speed interface signals 184 comprise high-speed data input and data output signals, a packet clock signal and a high-frequency (e.g., 50 MHz) clock signal. The ISO-standard VPP (programming voltage) signal is replaced by the packet clock signal, allowing interface 187, which includes both the high-speed and the low-speed interfaces, to be implemented using the ISO-standard configuration of eight contacts shown in Figure 2A.

Eliminating the VPP signal does not prevent the system of Figure 1 from operating with existing ISO-standard smart cards that do not include descrambler 185 and high-speed data interface 184. Existing smart cards typically include EEPROM circuits that do not require a separate programming voltage. A "charge pump" generates the required programming voltage from the card's supply voltage when programming is required. Therefore, the VPP signal specified by the ISO standard is an "unused" terminal for most existing ISO-standard smart cards. Using the system with existing smart cards requires modifying the operation of the system so that high-speed interface 184 and descrambler 185 are not used. The required modification can be achieved by changing only the control software of microcontroller 160.

Descrambler 185 operates at a high data rate in response to the high-frequency clock signal, while security controller 183 requires a lower-frequency clock signal. Divider 422 in IC 181 divides the 50 MHz clock signal to produce a lower-frequency clock signal suitable for security controller 183. Thus, a single high-frequency clock signal serves as the timing signal controlling the operation of both security controller 183 and descrambler 185. Using divider 422 avoids dedicating two of the eight smart card interface signals to separate high-frequency and low-frequency clock signals.

Descrambler 185 includes transport decode unit 472, PID and ECM filter unit 474 and EMM address filter unit 476 to provide functions similar to the above-described functions of transport unit 120 of Figure 1. The high-speed data input and data output signals of interface 187 couple the high-speed data stream of the input signal between transport unit 120 and descrambler 185. Including the functions of transport unit 120 in smart card 180 gives smart card 180 the ability to process incoming data packets at the high data rate of the input signal. Both the data input signal and the packet clock signal are coupled to unit 472.

In response to each transition of the packet clock signal, unit 472 processes the 16 bits of header data. The first 12 bits of the header are program identification (PID) data, which is directed to PID and ECM filter unit 474. Unit 474 compares the packet's PID data with the PID values stored in unit 474 for each type of service included in the tuned channel. As with the above-described operation of transport unit 120 (see Table 1 above and the associated description), the PID comparison in unit 474 determines what type of data the payload contains, for example program-guide, EMM, video or audio data. The PID values identifying the service types in the currently tuned signal are stored in registers in unit 474. The registers are loaded as part of the tuning process described above for the system of Figure 1. More specifically, microcontroller 160 accesses the stored PID "map" as described above and transfers the PID values associated with the currently tuned channel to the registers in unit 474 via signals 182 and security controller 183 in smart card 180. Data is transferred between security controller 183 and the functions of descrambler 185, such as unit 474, over a data bus that is internal to IC 181 and is not shown in Figure 4.

The manner in which smart card 180 processes payload data is determined by the results of the PID comparison in unit 474 and by the content of bits 13 to 16 of the packet header extracted by unit 472. For example, for channel 101 (see Table 1) the PID data identifies: program-guide data (PID=1), which microcontroller 160 processes to update the PID map; EMM data (PID=4), which security controller 183 processes to modify entitlements; video data (PID=10); and audio data (PID=11). Bits 13 to 16 of the header control security-related operations (see Table 2 above and the associated description) in smart card 180. If bit 13 (ECM flag) is active, the payload includes ECM data that requires key generation processing by security controller 183. If bit 15 (ENC flag) is active, the payload is encrypted and is descrambled in descrambling unit 478 within descrambler 185. Bit 16 determines whether key A or key B is used in unit 478 for descrambling.

The ENC encryption status bit determines how payload data is processed by descrambling unit 478. Payload data that is not encrypted passes unchanged from the high-speed data input terminal of smart card 180 through descrambling unit 478 to the high-speed data output terminal. Encrypted data is descrambled at the data rate by unit 478. Descrambled video and audio data is passed to the high-speed data output terminal of smart card 180. In each descrambled video and audio packet, the ENC bit in the packet header is set to logic 0, indicating that the packet is "clear", i.e. descrambled.

To ensure that unauthorized users do not gain access to descrambled entitlement-related data or descrambling key data, descrambled EMM or ECM data is not passed out of smart card 180 via the high-speed data output terminal. One approach is for the smart card simply to remove the EMM and ECM data component from the data stream output from the card. However, by monitoring changes in the data between the data input and data output of smart card 180, a hacker could obtain useful information about the processing occurring in smart card 180. For example, a hacker could assume that information removed from the data stream by the smart card pertains to the service associated with the smart card.

This problem is overcome by passing the original scrambled EMM or ECM control information component, with the ENC bit set to logic 1, through smart card 180 from the high-speed data input terminal to the high-speed data output terminal. More specifically, a first signal component of the input signal, such as scrambled EMM or ECM control information, is processed, e.g. descrambled, by descrambler 478 to produce a first processed signal, such as the descrambled data needed for key generation. Information in the first processed signal, such as key information, is used by descrambler 478 to process a second component of the input signal to produce a second processed signal representing, for example, descrambled video or audio data. The first signal component of the input signal is combined with the second processed signal to produce the output data stream of smart card 180. Thus, for example, scrambled entitlement information in the input signal can be descrambled and used within smart card 180, but the corresponding data at the output is unchanged, thereby reducing the information a hacker can obtain by monitoring the data stream.

To conceal the nature of the processing taking place in smart card 180, the original component of the input signal is delayed before it is placed back into the output data stream. The delay ensures that the timing relationship between the scrambled control information, such as TFR and/or SUR, and the descrambled data, such as video and/or audio data, in the output data signal of smart card 180 is essentially the same as the timing relationship between the scrambled control information and the scrambled data in the input data signal of smart card 180. As a result, it becomes more difficult for a hacker monitoring the data stream to determine characteristics of smart card 180 such as its internal descrambling delay.

The original scrambled data are delayed and reinserted into the data stream by FIFO memory 477 and router 479 in Figure 4. The input data signal of FIFO memory 477 is the input data signal of descrambler 478. The delay through FIFO memory 477 can be adjusted by control processor 183 so that it corresponds to the particular descrambling algorithm being executed in descrambler 478. For example, the delay through FIFO memory 477 can be increased or decreased by storing more or less data, respectively, in the FIFO memory before data begin to be read from it. Router 479 combines the delayed data from FIFO memory 477 with the descrambled data from descrambler 478, under the control of control processor 183, to produce the output data signal of smart card 180. Router 479 may contain a multiplexer that selectively couples either the FIFO memory output or the descrambler output to the data output of smart card 180 in response to a control signal supplied by control processor 183.
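The pass-through, FIFO delay and router selection described above can be modelled in a few lines. This is an added example, not code from the patent: the packet layout, the PID values, the one-packet granularity of the delay and the SHA-256 XOR stand-in cipher are all assumptions, and the `strip_control` switch models the rejected design that simply removes control packets from the output.

```python
import hashlib
from collections import deque
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Packet:
    pid: int        # packet identifier from the header
    enc: int        # encryption status bit: 1 = scrambled, 0 = clean
    key_flag: str   # "A" or "B": key register the payload was scrambled for
    payload: bytes


def toy_cipher(key: bytes, data: bytes) -> bytes:
    """XOR with a SHA-256 keystream. Stand-in only, not the patent's cipher."""
    stream, block = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + block.to_bytes(4, "big")).digest()
        block += 1
    return bytes(d ^ s for d, s in zip(data, stream))


class Card:
    def __init__(self, card_key, control_pid, video_pid, fifo_depth=2,
                 strip_control=False):
        self.card_key = card_key
        self.control_pid = control_pid
        self.video_pid = video_pid
        self.fifo_depth = fifo_depth        # delay in packets, set by the controller
        self.strip_control = strip_control  # True models the leaky "remove it" card
        self.key_regs = {"A": None, "B": None}
        self.fifo = deque()         # delayed copies of the original input
        self.descrambled = deque()  # descrambler output, None if nothing to emit

    def _descramble(self, pkt):
        if pkt.enc and pkt.pid == self.control_pid:
            clear = toy_cipher(self.card_key, pkt.payload)
            # Constructed layout: byte 0 names the register, the rest is the key.
            reg = chr(clear[0])
            if reg in self.key_regs:
                self.key_regs[reg] = clear[1:]
            return None  # descrambled control data never leave the card
        if pkt.enc and pkt.pid == self.video_pid:
            key = self.key_regs[pkt.key_flag]
            if key is not None:
                return replace(pkt, enc=0, payload=toy_cipher(key, pkt.payload))
        return None  # clear packets and packets without a key pass through as-is

    def _route(self):
        """Router: pick the descrambler output if there is one, else the FIFO copy."""
        original, processed = self.fifo.popleft(), self.descrambled.popleft()
        if processed is not None:
            return processed
        if self.strip_control and original.pid == self.control_pid:
            return None
        return original

    def process(self, stream):
        out = []
        for pkt in stream:
            self.fifo.append(pkt)
            self.descrambled.append(self._descramble(pkt))
            if len(self.fifo) > self.fifo_depth:
                out.append(self._route())
        while self.fifo:  # drain the delay line at end of stream
            out.append(self._route())
        return [p for p in out if p is not None]


def observer_view(stream):
    """What a tap on the high-speed pins sees without holding any key."""
    return [(p.pid, p.enc, len(p.payload)) for p in stream]


def demo():
    card_key, key_a, key_b = b"card-key", b"video-key-A", b"video-key-B"

    def control(reg, key):
        return Packet(0x10, 1, "A", toy_cipher(card_key, reg + key))

    def video(flag, key, text):
        return Packet(0x20, 1, flag, toy_cipher(key, text))

    stream = [  # constructed sample input
        control(b"A", key_a),
        video("A", key_a, b"frame-1"),
        Packet(0x30, 0, "A", b"guide"),  # clear packet on another PID
        control(b"B", key_b),            # next key arrives while A is in use
        video("A", key_a, b"frame-2"),
        video("B", key_b, b"frame-3"),
    ]
    passthrough = Card(card_key, 0x10, 0x20).process(stream)
    stripped = Card(card_key, 0x10, 0x20, strip_control=True).process(stream)
    return stream, passthrough, stripped


if __name__ == "__main__":
    for name, s in zip(("input", "pass-through", "stripped"), demo()):
        print(name, observer_view(s))
```

With pass-through, the observer's view of input and output differs only in the encryption status bit of the video packets; with stripping, the control PID disappears from the output and identifies itself as card-related.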

The RCDS and SUR data descrambled in descrambling unit 478 are stored temporarily in NVR 426 of security controller 183 until security controller 183 processes them for permission control and key generation. Transport unit 120 in Figure 1 receives the data (either unmodified or descrambled) from the high-speed data output terminal of smart card 180. The PID value of each packet is checked, and the payload is transferred to the appropriate function of Figure 1 for further processing (for example, microcontroller 160 or compressed-data expansion units 140 and 145).

The operation of smart card 180 is controlled by commands from microcontroller 160 in Figure 1, which are communicated to smart card 180 via the ISO-standard serial interface. Microcontroller 160 is therefore the master processor and security controller 183 is the slave processor. For example, microcontroller 160 transfers PID information to smart card 180 and commands the card to descramble the data in the corresponding data streams. Security controller 183 responds by checking permissions and configuring smart card 180 for the appropriate type of subsequent data processing, such as permission processing, key generation or descrambling. In addition, microcontroller 160 requests status information, such as whether descrambling is currently in progress. Commands are communicated to security controller 183 in smart card 180 via the serial data input/output terminal. Any response required by a command is returned to microcontroller 160 via the serial data input/output terminal. Thus the serial I/O data signal is the control signal between the system and smart card 180, while the high-speed data interface carries the high-speed input and output data signals between the card and the system.

Serial communication between microcontroller 160 and smart card 180 follows a protocol provided for in ISO 7816-3. The smart card notifies the system of the particular protocol to be used by sending the system a protocol type number T. More specifically, when the card is inserted into the card reader, the card reader applies power to the card and resets the card by activating the reset signal. The card responds to the reset signal with the "answer to reset" data sequence defined in ISO 7816-3, paragraph 6. The answer to reset contains interface bytes TDi. The four least significant bits of byte TDi define the protocol type number T (see ISO 7816, paragraph 6.1.4.3).

The protocol type for the system shown in Figure 1 is type T=5. The type 5 protocol is classified in ISO as "reserved", i.e. it is not currently defined. For the system of Figure 1, the type 5 protocol is identical to the type 0 protocol (the asynchronous half-duplex protocol defined in ISO 7816-3, paragraph 8) except for the manner in which the baud rate for the serial input/output is determined. Serial I/O at the card interface takes place at a rate determined in accordance with Table 6 of ISO 7816-3. The baud rate calculation is based on the clock rate of security controller 183. For existing smart cards, the clock frequency of security controller 183 is equal to the frequency fs of the clock signal at the card's clock terminal. As shown in Figure 4, smart card 180 contains divider 422 for dividing the high-speed input clock Fin by a factor N, i.e. Fin/N, to establish the clock frequency for security controller 183. Therefore, for the type 5 protocol, Table 6 of ISO 7816-3 is modified by defining fs = Fin/N.

As with the type 0 protocol, all commands for the type 5 protocol are initiated by microcontroller 160. A command begins with a five-byte header containing a one-byte command class designation (CLA), a one-byte instruction (INS), a two-byte parameter (P1, P2), such as an address, and a one-byte number (P3) specifying the number of data bytes that are part of the command and follow the header. For the system of Figure 1, parameter P1, P2 is not needed, and these bytes are therefore "don't care" bytes.

Thus, commands take the following form:

CLA : INS : -- : -- : P3 : data (P3 bytes)
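A strict encoder and card-side parser for this command layout, as an added example that is not part of the patent. The class and instruction codes are hypothetical placeholders (the page gives no values), and the data field is treated as opaque bytes.

```python
from dataclasses import dataclass

HEADER_LEN = 5
# Hypothetical codes: the page does not give class or instruction values.
CLA_CARD = 0xA0
INS_STATUS = 0x01
INS_PID_TRANSFER = 0x02
KNOWN_INS = {INS_STATUS, INS_PID_TRANSFER}


class CommandError(ValueError):
    """Raised when a byte string is not a well-formed command."""


@dataclass(frozen=True)
class Command:
    cla: int
    ins: int
    data: bytes = b""


def encode_command(cmd: Command, p1: int = 0, p2: int = 0) -> bytes:
    """Build CLA INS P1 P2 P3 followed by P3 data bytes."""
    if len(cmd.data) > 0xFF:
        raise CommandError("data does not fit the one-byte P3 length")
    return bytes([cmd.cla, cmd.ins, p1, p2, len(cmd.data)]) + cmd.data


def decode_command(raw: bytes) -> Command:
    """Parse a command, rejecting anything that does not match the header."""
    if len(raw) < HEADER_LEN:
        raise CommandError("truncated header")
    cla, ins, _p1, _p2, p3 = raw[:HEADER_LEN]  # P1, P2 are "don't care" bytes
    data = raw[HEADER_LEN:]
    if cla != CLA_CARD:
        raise CommandError(f"unexpected class byte 0x{cla:02X}")
    if ins not in KNOWN_INS:
        raise CommandError(f"unknown instruction 0x{ins:02X}")
    if len(data) != p3:
        # Short data means a truncated transfer; extra data means the header
        # and the body disagree. Either way the card must not guess.
        raise CommandError(f"P3 announces {p3} data bytes, got {len(data)}")
    return Command(cla, ins, data)


def try_decode(raw: bytes):
    """Return (command, None) on success or (None, reason) on rejection."""
    try:
        return decode_command(raw), None
    except CommandError as exc:
        return None, str(exc)


if __name__ == "__main__":
    frame = encode_command(Command(CLA_CARD, INS_PID_TRANSFER, bytes([0x12, 0x34])))
    print(frame.hex(), try_decode(frame))
    print(try_decode(frame[:-1]))  # one data byte lost in transit
```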

The commands recognized by smart card 160 include a status command and a PID transfer command. Smart card 160 responds to a status command from microcontroller 160 by reporting the processing state of the card, for example whether the card has completed key generation or whether the card is currently descrambling data. Using the PID transfer command, microcontroller 160 transfers the PID numbers associated with the tuned channel. Other commands, explained below, include commands for transferring RCDS and SUR data, key-related commands, and "purchase offer" commands.

The operation of smart card 180, and in particular of descrambler 185, is described in more detail below with reference to Figures 5-8. When a new channel is tuned, microcontroller 160 transfers the PID values for the new channel from the PID map to smart card 180, as shown in Figure 5. The PID data are transferred using the PID transfer command containing N PID values, where N is specified in byte P3 of the command header. The command and the PID values are communicated to the card via the serial data terminal of smart card 180 and serial data input/output unit 424. CPU 421 receives the PID data and routes them to the appropriate PID register among registers 474 in descrambler 185.

Before a signal can be descrambled, the user must have permission for access and the correct key must be loaded into descrambler 185. After the PID data have been transferred to smart card 180, security controller 183 compares the PID values with the permission data stored in EEPROM 423 to determine whether the user has permission to access the tuned channel. If the user has permission, the next step is key generation. Key generation involves processing SUR data. SUR must therefore be received and processed to obtain the key before audio and video can be descrambled. SUR data are encrypted to reduce the likelihood of unauthorized key generation. The card's key for descrambling SUR is stored in the card in EEPROM. As shown in Fig. 6, the SUR key is transferred by CPU 421 from EEPROM 423 to the SUR key registers in descrambling unit 478.

If the user does not have permission to access the tuned channel, permission must be obtained before key generation and descrambling can occur. Permission can be obtained via RCDS. An "address" that identifies a particular smart card is stored in TFR address unit 476 in the card when the card is issued. By including address information in a TFR, the network can direct the TFR to a specific card. The smart card compares the address information in the TFR with the card address stored in unit 476 to detect RCDS information directed to the card. If the user does not have permission, security controller 183 configures the card for TFR processing, as shown in Fig. 6, in case RCDS data are received.

As with the SUR key, the card's RCDS key is stored in the card in EEPROM 423. The RCDS key (see Fig. 6) is transferred by CPU 421 from EEPROM 423 to the TFR key registers in descrambling unit 478. Scrambled TFR data from transport unit 120 of Figure 1 enter the card via the high-speed data input port. After the RCDS address has been checked in unit 476, the RCDS data intended for the card are decrypted in descrambling unit 478. The decrypted RCDS data are stored temporarily in NVR 426 and processed by CPU 421 to update the permission data stored in EEPROM 423.

After the PID values have been loaded, and provided that permission exists and the SUR key has been placed in descrambler 185, the card is ready to descramble SUR data and to generate the audio and video keys. SUR data in the signal (Fig. 7) are received by smart card 180 at the high-speed data input terminal and detected by transport decoding unit 472. The SUR data are directed to descrambler 478, where the previously loaded SUR key is used to decrypt them. The decrypted SUR data are transferred from descrambler 478 to NVR 424. Once the decrypted SUR data are available, central processing unit 421 executes the key generation algorithms stored in EEPROM 423 and ROM 425, using the decrypted SUR data in NVR 424 to generate the video and audio keys. The generated keys are transferred to the corresponding video and audio key registers in descrambler 478.

As shown in Fig. 7, descrambler 478 contains two key registers for video, video keys A and B, and two key registers for audio, audio keys A and B. Whether key A or key B is used to descramble a particular packet is determined by the key flag bit in the packet header (see Table 2 above). This "multi-key" feature allows a new key to be generated while the current key is still being used to descramble data. Processing SUR data in security controller 183 to generate a new key, and transferring the new key to descrambler 478, require a significant number of instruction cycles in CPU 421. If descrambling were suspended during the generation and transfer of a new key, the processing delay would force the viewer of the program to watch a scrambled image until the new key was in place in descrambler 478. Having key registers A and B allows data to be decrypted using the key in one key register, for example key register A, while a new key is generated and loaded into the second key register, for example key register B. After initiating key generation by transmitting SUR data, the network service waits for a period sufficient for new key B to be generated and placed in descrambler 478, and then encrypts packets using key B. The key flag tells descrambler 185 when to start using the new key.

Upon completion of the operations shown in Figures 5, 6 and 7, descrambler 478 has been initialized with all the key information needed to process the encrypted data in the tuned channel, including SUR, RCDS, video and audio. Fig depicts the signal flow for data processing. Encrypted data enter smart card 180 via the high-speed serial data input terminal. The data are decrypted in descrambler 478 using the previously loaded keys. For example, if transport unit 472 determines from the header of an incoming packet that the payload data are video data associated with video key A, the packet payload is decrypted in descrambler 478 using video key A. The decrypted data are output directly from smart card 180 via the high-speed serial data output terminal. Note that the processing in Fig does not require interaction between descrambling unit 185 and security control unit 183, which allows descrambler 478 to process data at the high data rate of the input signal.

Key generation in security controller 183, combined with the descrambling capabilities of descrambling unit 478, gives smart card 180 the full capability to process signals encrypted using a variety of algorithms, including the Data Encryption Standard (DES) algorithm and Rivest-Shamir-Adleman (RSA) algorithms. Because smart card 180 performs all access-control-related processing, security-related data such as key data need not be transferred out of smart card 180. Therefore, compared with systems that use a descrambler external to the smart card, security is significantly improved.

Although using descrambler 185 internal to smart card 180 is advantageous, an external descrambler, such as descrambler 130 of Figure 1, can also be used. An external descrambler may be desirable for compatibility of the smart card described above with existing pay-TV systems that generate the key in smart card 180 and transfer the key to descrambler 130. Alternatively, it may be desirable to use both descramblers 185 and 130. For example, security can be improved by encrypting the signal twice with two different keys. A doubly encrypted signal can be decrypted using the system shown in Figure 1 as follows: the signal is decrypted once in descrambler 185 using the first key, the partially decrypted data are transferred to descrambler 130, and the signal is decrypted a second time in descrambler 130 using the second key. The second key is generated in smart card 180 and transferred to descrambler 130.

For applications that use descrambler 130 (i.e. applications in which key data are transferred out of smart card 180), commands are provided for transferring key data over the serial input/output interface between controller 160 and smart card 180. For example, microcontroller 160 sends SUR to the card in one command and requests the key generation status with a status command. If the status data indicate that key generation is complete, another command requests the key data, and the card responds by sending the key data to controller 160. The key is then transferred to descrambler 130.

Various modifications of the described embodiments are possible. For example, those skilled in the art will readily appreciate that the invention is applicable to signals and systems other than those described here. For example, video systems and video signal protocols other than that shown in Figure 3 include the above-mentioned DSS satellite system and multi-line television. The type of access control system described is also applicable to signal processing systems such as cellular telephone systems, in which permission processing may involve determining whether the user has permission to access the cellular telephone system and, if so, processing the scrambled cellular telephone signal.

Applications such as a cellular telephone system involve generating a transmitted signal in addition to processing an incoming signal. Generating the transmitted signal requires encryption. The smart card described here can encrypt data if appropriate encryption software is stored in the EEPROM and ROM of smart card 180. The invention is therefore applicable to signal sources such as telephone systems or the "head end" used in cable television systems. These and other modifications are intended to fall within the scope of the claims below.

1. A signal processing device comprising a signal processing channel for processing a digital input signal comprising a first scrambled signal component and a second scrambled signal component, characterized in that it contains means for coupling said input signal to a removable smart card unit, the removable smart card unit being configured to process the first scrambled signal component to obtain a first descrambled signal that is internal to said smart card unit, and the smart card unit being configured, in response to the first descrambled signal, to process the second scrambled signal component to obtain a second descrambled signal and to combine the first scrambled signal component of the input signal with the second descrambled signal to obtain an output signal; means for receiving the output signal from the smart card unit; and, connected to said means for receiving the output signal from the smart card unit, means for processing the second descrambled signal and forming a signal adapted for display.

2. The device according to claim 1, characterized in that, for combining the first scrambled signal component of the input signal with the second descrambled signal, it includes means for delaying the first scrambled signal component to obtain a delayed signal that has essentially a predetermined timing relationship with respect to the second descrambled signal, and means for combining the delayed signal and the second descrambled signal to obtain the output signal.

3. The device according to claim 1, characterized in that it contains means responsive to the first descrambled signal for obtaining control information, and the means for obtaining the first and second descrambled signals responds to said control information to obtain the second descrambled signal.

4. A signal processing method in which a digital input signal comprising a first scrambled signal component and a second scrambled signal component is received, characterized in that the input signal is coupled to a removable smart card unit for processing the first scrambled signal component and obtaining a first descrambled signal that is internal to the smart card unit, for processing, in response to the first descrambled signal, the second scrambled signal component to obtain a second descrambled signal, and for combining the first scrambled signal component of the input signal with the second descrambled signal to obtain an output signal; the output signal is received from the smart card unit; and the second descrambled signal is processed to form a signal adapted for display.

5. The method according to claim 4, characterized in that, when the first scrambled signal component of the input signal is combined with the second descrambled signal, a predetermined timing relationship is established between the first scrambled signal component and the second descrambled signal in the output signal.

6. The method according to claim 5, characterized in that the input signal has an input timing relationship between the first scrambled signal component and the second scrambled signal component, and the established timing relationship is essentially the same as the input timing relationship.

7. The method according to claim 6, characterized in that the first scrambled signal component contains permission control information for a paid-access service, and the second scrambled signal component contains data provided by the paid-access service.

8. The method according to claim 7, characterized in that the paid-access service is a pay television service, the permission control information contains permission information for television programs, and the data provided by the paid-access service contain television program data.



 
