Method and device to control access to coded data

FIELD: information technologies.

SUBSTANCE: method includes the following stages: receipt of the first control message (ECM1), containing at least one control word (CW) and time score (TS); receipt of the second control message (ECM2), following the first control message (ECM1), besides, the second control message contains at least one control word (CW) and time score (TS); detection of duration of time period, corresponding to difference between time scores (TS) of two serial messages ECM1, ECM2; increasing counter of errors (CE) in case specified duration of time period is less than previously set duration (CP); reducing counter of errors (CE) in case specified duration of time period equals or exceeds specified previously set duration; return of control word (CW) into module of processing (STB) as waiting time expires, which depends on value of counter of errors (CE).

EFFECT: prevention of access to coded content in case of fraudulent use of decoders.

16 cl, 6 dwg

 

The technical field to which the invention relates.

The present invention relates to a method and apparatus for controlling access to data encrypted by control words, which the security module receives the control message and returns the processing module encrypted data.

The present method and apparatus are applied, in particular, in the field of pay-TV.

The level of technology

The known method in the field of pay-TV is that data encrypted by the data provider through the encryption keys, which are called control words. These data are transmitted to the multimedia modules users or subscribers. In parallel, the control words are transmitted in these multimedia modules in the form of flow control messages.

Multimedia modules usually consist of a processing unit, which in the case of pay-TV is a decoder receiving the above thread, and from a security module that is responsible for cryptographic operations associated with the use of such threads.

As is well known to specialists in this area, the protection module of this type can be represented in four different varieties. The first one is a microprocessor card, a smart card or, more generally, electronically the th module (in the form of a key, e-skip, etc). A module of this type, generally, is removable and can be connected to the decoder. The most widespread type of electrical contact, but it does not exclude the use of contactless connection, such as connection type ISO 14443.

A second known type of the security module is a module of the integrated circuits, which, as a rule, is placed in a certain fixed way in the module of the decoder. In one embodiment, the circuit is mounted on a base or connector, such as connector for a SIM module.

In the third security module is integrated into the integrated circuit that also has another function, for example in the module decoder in the decoder or in the microprocessor of the decoder.

In the fourth embodiment, the protection module is not physically made, and its functions are implemented using software. Given the fact that the function of the security module in these four cases are similar, although the level of protection and different, we can talk about the module protection regardless of how it functions, or how it is made.

After the multimedia module to get the stream containing the control words, first, it checks that the user has the rights to decrypt the given data. If so, t is produced decryption control messages, to extract the control words. These control words are in turn used to decrypt the data.

It is also known that each control word, as a rule, allows to decrypt a small part of the transmitted data. Usually one control word allows 10 seconds to decrypt pay TV programmes. After this period of time, called cryptoperiod, the control word is changed for security reasons.

One of the possible ways to access the encrypted data without authorization is to use genuine multimedia module with this module protection and distribution control words between multiple decoders. This can be done using the server or the separating device, known as a "splitter" (splitter). Thus, the amount corresponding to the acquisition of rights of access to encrypted data, shall be paid for one multimedia module, while the program available to a number of multimedia modules.

In the European application EP 1575293 describes a method designed to prevent the joint use of the security module by multiple users. To implement this method, the protection module has a memory intended for storing sequences of messages is s control. The security module also includes analysis tools abnormal sequences of the control messages. These tools work by comparing the message control placed in memory. When detecting an abnormal sequence is an increase in the error counter. In accordance with the value of the error counter in the processing of the control word is entered the time delay.

In the method described in this application, abnormal behavior is determined on the basis of the analysis of the used channels. For example, if the channel ID in turn is set to a and b, the analysis means determines that this is a case of aberrant sequence associated with the joint use of the security module. This error counter is incremented. On the contrary, if the channel ID is set And in several cryptoperiod, and then takes the value In several cryptoperiods, it will not be considered aberrant behavior, and the error counter will not be increased.

The invention described in the application US 2004/0215691, is intended to prevent such fraudulent use. To achieve this, every time multimedia module receives the control message, the module or the security module, which it is according to what tstuat, determines which channel is the control message. The IDs of the channels are memorized together with the time information. Messages are compared in order to determine whether they refer to different channels or the same channel. If they belong to different channels, then the counter is incremented by a certain value. If the message is a control belong to the same channel, the counter decreases. If the counter reaches a preset threshold, it indicates that there was a large number of changes channel and decryption of the control words is terminated.

The two processes described in documents EP 1575293 and US 2004/0215691, entail the need to have the ID of the corresponding channel for each message management. In some embodiments, this is not the case. Using the message management in particular as defined by standard Eurocrypt # : EN 50094 from December 1992, can identify the class of channels, and each channel separately. In this case, by using the invention described above, it is impossible to block the use of several multimedia modules that use only one security module and splitter.

The document "response to attacks on maps satellite television, using the open receiver and" XP-002333719, Francis and others in General terms describes the various tools in order to avoid fraudulent use of the security modules. In accordance with one private aspect, this document offers check whether the timestamp of the message in the future relative to the time stamp of the message received earlier. However, this document does not mention any specific solution. In particular, there is no information to differentiate between illegal use of the security module by multiple users and legitimate channel switching only one user.

Disclosure of inventions

The invention proposes to implement an alternative solution known in the technical field that does not use the channel ID, and, at the same time, preventing the use of a release device that allows access to encrypted content material from one of the security module to multiple decoders. Moreover, in accordance with this decision the ID of the corresponding channel is not needed, since the solution also works when the message control does not contain the identifier of the channel, and the channels, for example, grouped by class.

The purpose of the invention is achieved by a method of controlling access to encrypted data through the checkpoints for important locations the x words received by the security module in the control message and return to the module processing the encrypted data containing the following steps:

receiving the first message control that contains at least one control word and a time stamp,

receiving a second message control following the first control message and the second control message includes at least one control word and a time stamp,

determination of the length of the time segment corresponding to the difference between the timestamps of two consecutive control messages,

increasing the value of the error counter if the specified duration time is less than a preset duration,

the decrease in the value of the error counter if the specified duration is the length of time equals or exceeds the specified pre-specified duration.

The purpose of the invention is also achieved by a device for controlling access to data encrypted by control words received by the security module in the control message and return to the module processing the encrypted data containing

means receiving the first message is a control that contains at least one control word,

media is TBA receiving the second message control following the first control message and the second control message includes at least one control word,

means for determining the duration of the time interval separating two consecutive messages management,

means of increasing the value of the error counter if the specified duration time is less than a preset duration,

means of reducing the value of the error counter if the specified duration is equal to or exceeds the specified pre-specified duration.

In General, the method and apparatus in accordance with the invention enable on the basis of time information related to the control messages sent by the control center to determine how these messages control are sent and processed is fraudulent or in the usual way. Error counter measures can be taken, when detected abnormal use. There are different kinds of measures, such as short-break service, the delay control words or even lock the security module, in which case the unlocking can be done either automatically or upon request by phone. In the case of normal use, the user will not notice is icacy changes associated with the use of this method. Under normal use is understood as access to the encrypted content material on a specific channel, and channel switching (flight from advertising") within a "reasonable" period of time. Conversely, in case of fraudulent use of a separating device that serves multiple decoders from only one security module, access to the encrypted content material quickly becomes impossible. As soon as the use is again correct, access to the data can be re-enabled.

Brief description of drawings

The invention and its advantages can be better understood with reference to the accompanying drawings and detailed description of certain exemplary variant implementation, without introducing any restrictions.

Figure 1 presents an example of the structure of the messages used in the present invention.

Figure 2 presents a configuration in which two decoder used with only one protection module and the separation device.

Figure 3 schematically shows a variant implementation of the decryption process in accordance with this invention.

Figure 4 presents the message ECM control depending on time.

Figure 5 presents the value of the counters is ka errors depending on time, and control messages that are received, as shown in figure 4.

Figure 6 shows a variant of the invention, in which for different channels use different cryptoperiod.

The implementation of the invention

1 schematically shows the content and structure of messages ECM control (Entitlement Control Message), which is used in the present invention. This message ECM control contains fields in which, in particular, can be a time stamp reflecting the date and time, duration of cryptoperiod CF, SA conditions of access to audio and/or video and two control words CW1, CW2 different parity. The control message may also contain other fields that are not described in detail here. The data contained in fields of the message control, usually encrypted by key TC transmission. This message may also contain one or more headers that are not necessarily encrypted. In particular, the message includes a header H, which allows multimedia module to identify it as a message ECM control, the specified header must be encrypted. It should be noted that cryptoperiod not necessarily contained in such report management. In fact, if cryptoperiod different channels equal and remain constant during nekotoroh the period of time, cryptoperiod can be transmitted in the message EMM authorization (Entitlement Management Message).

According to the first variant implementation of the invention operates as follows. Standard, the message ECM control is sent to the multimedia module that contains the decoder STB and SC module protection. When this message is received, the control conditions of the CA access required to access a particular content material, hereinafter also referred to as audio and/or video data, is retrieved from the message management module protection. Then the security module checks whether he has the rights to return the control word. If this is not the case, the security module does not return control word. If the right to decrypt present, then the control word is passed to the decoder.

The value of cryptoperiod CF is also extracted from the message control or determined in another way. This value CF is stored in the memory, coupled with the security module. The corresponding control word is returned to the decoder, as a rule, is encrypted with the session key. The session key is usually based on a pair of asymmetric keys, and this pair is one of the keys stored in the module protection, and the other is stored in the decoder. The key of this pair are called paired keys (pairing keys) and, generally speaking, RA is personal and unique for each media module. The encrypted content may then be decrypted using this control word and displayed on the user's screen. The mechanism of pair formation is described in detail in European patent number EP 1078524.

When the multimedia module receives the following message management, it is decrypted so that, among other things, to remove the stamp TS of time.

This time stamp is compared with the time stamp that was stored during the processing of the previous message management. The difference between these two timestamps is compared with cryptoperiods, who was also saved during the processing of the previous message management. If this difference is less than the value of cryptoperiod, it means that the media module has received more than one message per cryptoperiod, and the counter is incremented. This counter, in the following description called counter CE error is usually in the module protection. The increase in this counter, therefore, is when the protection module is required to return the control words with a frequency greater than cryptoperiod, or due to switching of channels by the user, either because the work of more than one media module with the same protection module.

Figure 2 presents the configuration for Arby which is the invention. In this configuration, two data processing units or two decoder STB1, STB2 control word serves only one protection module and the separation device. In this configuration, when receiving one of the decoders messages ECM control, he sends him into the separation device SP, which, in turn, sends a control message back to the SC module protection. The latter decrypts this message, if it has that right, and then sends the control word to one of the decoder STB1 or STB2 through the separation device SP.

Figure 2 presents only two decoder. It is theoretically possible to provide control words more decoders through one of the security module and the separation device.

It should be noted that the method only controls the length of time associated with the message ECM control. If other message types, such as messages EMM authorization are sent between the two control messages, they are not taken into account and do not disrupt the functioning of the process.

Use counter data errors

Below describe the individual variant example of implementation with reference to figure 3. In this embodiment, the counter value of the CE error is used for making the time delay of the return of the control words CW extracted from the message E Is M management. In the example in figure 3 uses the assumption that cryptoperiod equals 10 seconds. Upon receipt of the first message ESM management it is processed so that it retrieves the contained control word, called, respectively, CW1(C1) and CW2(C1). It should be noted that in figure 3 the upper part corresponds to the channel C1, and the lower part corresponds to the channel C2. In order to avoid too much detail on this figure, the control word CW1(C1)corresponding to the channel C1, denoted simply as CW1. Similarly, the control word CW1(C2)corresponding to the channel C2, figure 3, also referred to as CW1. Due to their location in the figure, the difference between these two control words is obvious. In the description of the channel ID specified in the parentheses.

Message processing ESM management usually continues for several tens of milliseconds. While you are using one of the control words, for example, control word CW1(C1), is remembered another control word CW2(C1)contained in the same message ESM management. The control message corresponding to the same channel, as a rule, will contain the control word stored during the processing of the previous message, as well as additional control word that is provided for use in AMA next cryptoperiod. Thus, each control word is sent twice. This method of operation has the advantage consisting in that the control words, except those that were obtained immediately after channel switching, remember before will be used, and therefore, if necessary, immediately available.

Counter CE error introduces a time delay in the return of the control words of the security module in the decoder. This means that instead of processing the message ECM control and return control words, as soon as they were extracted, the transfer of said control words in the decoder is delayed for a period of time, which depends on the value stored in the counter.

Figure 3 presents an example in which illegal use of the separation device (splitter) between the security module and the two decoders STB1 and STB2. In the simplest case, when cryptoperiod the same, and when users don't switch the channels, when the above-described configuration for each cryptoperiod will be obtained two control messages. Therefore, for each cryptoperiod the counter CE errors will increase. This increase may be performed in accordance with predefined values, for example, on two units. As an example, we can imagine that the time delay is introduced in the processing of the message is s control the rate of 1 second per unit error counter, since, when this value exceeds the threshold value of 10. If the counter has not reached this threshold of 10 or equal to 10, the time delay is not included.

If the initial value of the counter is equal to zero (CE=0), then upon receipt of the first message ESM control value cryptoperiod CF, for example, 10 seconds will be saved. Decrypted control words CW1(C1) and CW2(C1). The control word CW1(C1) is used to decrypt the audio and/or video data and the control word CW2(C1) is stored for later use. Mark TS time, TS=T0, is extracted from the message management and remembered. When the following message ESM management accepted the multimedia module multimedia module retrieves the timestamp T1 time. The second message ESM control is processed in order to extract the control words, to use the first of them CW1(C2) and remember the second CW2(C2). Then, it calculates the difference between t0 and T1 and obtained a value of, for example, 6 seconds.

This value is compared with the memorized by cryptoperiod CF, which in our example is 10 seconds. Because the difference T1-t0 between the timestamp is less than cryptoperiod CF, the value of the counter CE error increases in our example, the two units. Thus, this value is 2.

When receiving the AI of the next control message ECM, corresponding to the first channel C1, checks the value of the counter CE errors. Since this value is 2 and, therefore, less than the previously set threshold value of 10, the time delay is not included. The security module processes the message, first removing the stamp TS time, TS=T2. Because cryptoperiod is 10 seconds, the result is T2-t0=10. As T1-t0=6 in this example, T2-T1=4 seconds. Because this value is less than cryptoperiod, the value of the error counter is incremented by two units and is equal to 4. Control word CW2(C1) and CW3(C1) are extracted from the message. During this time audio and/or video data is decrypted by means of the control word CW2(C1)obtained from the previous message control.

When you receive the following message ESM control protection module also processes the message and returns control word without any time delay. At this time, the decoder STB2 uses to decrypt the audio and/or video control word CW2(C2)obtained from the previous message.

The difference between the time stamp of this message and the previous value of 6 seconds, which is less than cryptoperiod. The counter value of the CE error increases by two units and is, therefore, a value of 6. Control word CW2(C2) and CW3(C2) are extracted from the message. When n is tenderly to use the control word CW3(C2), to decrypt the audio and/or video, this control word will be available, as it has been decrypted in the previously received message ECM control.

Multimedia module will then receive the fifth message ESM control that contains the control word CW3(C1) and CW4(C1). At this time the control word CW3(C1) can be used to decrypt the audio and/or video, as this control word was already passed in a previous message ESM management. Since the difference between the timestamps of the messages ECM and ESM control less than cryptoperiod, the value of the error counter is incremented by two units and is equal to 8.

Similarly, the following message ESM control contains control word CW3(C2) and CW4(C2), which can be used to decrypt the audio and/or video. The time stamp contained in this message means that an error counter is incremented by two units and is equal to 10.

The following message ESM control contains control words CW4(C1) and CW5(C1). Since the error counter is set to 10, which is equal to the threshold value but does not exceed this value, the message ESM processed to immediately return control word. This means that the control word CW5(C1) will be available for audio and/or videomature the La at the required time. The error counter will again be increased by two units and will be equal to 12, exceeding thus the threshold value.

The following message ESM control contains control words CW4(C2) and CW5(C2). This message is processed immediately, but the control words which it contains, will not return until until 12 seconds. This means that when cryptoperiod equal to 10 seconds, the control word is returned after 2 seconds after the end of cryptoperiod. During these two seconds, the control word required for access to audio and/or video, is the word CW5(C2). However, this control word is not available before it is returned to the decoder. As a result, in the last two seconds of audio and/or video is unavailable. The result on the user's screen will be scrambled image or uniformly black or white screen.

The process continues in the same way by adding two units to the error counter and, respectively, two seconds to the time of return of the control words. For this reason, during the processing of the next message ESM control, audio and/or video will not be available within 4 seconds. For subsequent messages ECM, ESM and ECM time during which access to audio and/or video impossible, 6 seconds, 8 seconds, 10 seconds, respectively. As you can see, when the time delay is equal to twice cryptoperiod, the content is no longer available.

Stamp TS of time, such as those described above, in theory, may have a resolution of about a second or even a few seconds, for example 4 seconds. This means that the difference between two values of the time stamps will also be expressed in seconds, not in fractional parts of seconds.

It should be noted that the example described above uses the time specified in the timestamp. If the media module, that is, the protection module and/or the decoder contains the watch device, then, of course, you can calculate the difference between two points in time obtained from the time device, but not between time stamps. In both cases, however, the principle of the invention remains the same.

The use of the buffer memory

The system as described above has a limitation, in the case when for storing audio and/or video is used the buffer memory to compensate for the delay introduced by the protection module, and makes it, therefore, invalid.

One way to do this memorizing useless or at least inefficient is not to fix the upper limit of the delay caused by the error counter, or commit to a very Bo is isoi limit. Thus, since the error counter is incremented by two each time a non-standard control message, it will almost always reach values exceeding twice cryptoperiod or even more, thus exceeding the interval introduced by the buffer memory. Since that time, the entire audio and/or video is no longer available. However, this can give a negative effect. In fact, if the error counter reaches significant size, it is necessary to wait for a considerable time after the splitter has been stopped, in order to reduce the error count was sufficient for correct operation of the system.

Another way to do this remembering ineffective is to not return control word, which, taking into account the delay must be sent in the period during which the content is no longer encrypted control words, presumably sent by the security module. For example, the control message marked as ESM in figure 2, contains control words CW4(C2) and CW5(C2). When the value of the error counter is equal to 12, these control words must be returned at the end of cryptoperiod. In this case, these control words are simply not returned. Because the control word CW4(C2) is contained in the message ESM, audio and/and and the video can be decrypted until the end of cryptoperiod, using these control words. Once made the following change to the content is no longer available. However, the error count continues to increase as the frequency of sending the control message has not been modified.

Decrease counter

Mode of misuse, described earlier, it is clear that if two users simultaneously access protection module, in order to desirability data, these data will quickly become unavailable. If a user ceases to access the security module, for "legitimate" user may be provided access to this content material. Therefore, the proposed solution is to reduce meter CE errors in accordance with pre-established rules.

4 and 5 schematically illustrates the reduction of the error counter, as well as the increases in accordance with cryptoperiod CF and the difference between the timestamps of two consecutive messages ECM control. In accordance with one of the possible rules, whenever a message ECM control made correctly, that is, when the difference between the timestamp of this message and the previous message is cryptoperiod, the error counter is decremented by one.

As an illustration, is as figure 4 shows received messages ECM control with time dependence, while figure 5 shows the counter value of the CE error depending on the time.

It should be noted that in this example, the initial value of the error counter is not zero, but equal to 2. Due to the fact that no down payment no delay until a threshold is exceeded, this initial non-zero value does not have a negative effect on decryption. Conversely, the consequence will be that in case of fraudulent use of a threshold value, from which the insertion delay is achieved faster.

Return the control words contained in the first control message is not delayed, because the threshold is not reached. The first control word allows you to access audio and/or video. The second control word is stored by the decoder. At the end of cryptoperiod multimedia module receives a new message ESM management. After comparing the timestamps of the two messages cryptoperiod first message ESM management is that cryptoperiod is equal to the difference between the timestamps contained in the control messages. At this point, the counter value of the CE error is reduced in accordance with a predetermined rule, in this case one unit. Thus, it takes the value of 1.

When a multimedia fashion is l takes the following message management checks the value of the error counter. It equals 1. Accordingly, the time delay does not apply. During this time, the previously stored control word received from the previous message control is used to access audio/video content material. The counter is decremented in accordance with a predetermined rule, and now accepts a null value.

In the illustrated example, the multimedia module receives a new message ESM control, where the difference between the time stamp of this message and the previous message is less than cryptoperiod. At this point, the counter is incremented by two units and is equal to 2. This increase can occur for two different reasons. In accordance with one of these reasons, the user switches the channel (flight from advertising). In accordance with another reason used the splitter. As described above with reference to figure 3, the counter is incremented, for example, in increments of two.

In the example shown in figure 4 and 5 the difference between the timestamps of two consecutive messages ECM control less than cryptoperiod, until the message control, identified as ESM. The value of the error counter is incremented every time two, until it reaches the value 12. As shown in figure 3, when the value is the count exceeds 10, paid time delay in the return of the control words. Thus the user will not have access to the entire audio and/or video. Figure 4 and 5 at the time of receipt of control messages identified from ESM to ESM, the difference between the time stamps equal to cryptoperiod, and the counter value of the CE error, therefore, reduced by 1 for each message. Once this counter reaches 10, the time delay processing is canceled, and audio and/or video material becomes fully available to the user.

Figure 6 illustrates one of the embodiments of the invention, according to which cryptoperiod different channels differ. This figure also assumes that the device according to the invention is used fraudulently to service two decoders only from one module protection and that each channel receives only one message control of the two. Such use of a single message control of the two possible due to the fact that each of these messages contains two control words. Therefore, in this case all control words will also be available for two channels.

As an example, assume that cryptoperiod channel 1 provided in the upper part 6, has a length of 7 seconds. Cryptoperiod channel 2, presents the and the lower part 6, has a length of 5 seconds. Will be considered the case when the first message control each channel C1 and C2 are taken simultaneously. The first message ESM (C1) control channel 1 contains the indication that cryptoperiod lasts 7 seconds. This message contains the control words CW1(C1) and CW2(C1).

The first message in a control channel 2 contains the value of cryptoperiod equal to 5 seconds, along with the control words CW'1(C2) and CW'2(C2).

In the example shown in Fig.6, the following messages for each channel are not used. The following used the message is a control message, marked as ESM(C2). This message is received via two cryptoperiod after the first message ESM(C2), so it is considered as valid. The value of the error counter, thus, remains at a zero value or perhaps reduced.

The following message received by the security module has a designation ESM(C1). It is made in two cryptoperiod after the first message ESM(C1), namely through 14 seconds in our example. This means that it also takes 4 seconds after the message ESM(C2)corresponding to the channel C2. This value is 4 seconds less than cryptoperiod contained in the previous control message. The value of the error counter is thus incremented by 2 units, e is whether the same rule, as in the previous example. This counter CE error, therefore, is 2.

The following message will be received after 4 cryptoperiod channel C2, that is, through(45)-(27)=6 seconds after the last received message ESM(C1). Because this message contains a value of 7 seconds for cryptoperiod, the message ESM(C2) is considered incorrect and the value of the error counter is incremented by 2. It thus reaches the value 4.

The following message ESM(C1) is received through(47)-(45)=8 seconds. Previous message contained the value of cryptoperiod related to cryptoperiod channel C2, namely 5 seconds. Time 8 seconds since previous messages larger than this value, equal to 5 seconds. The message, therefore, is considered to be correct. The counter value of the CE error is thus reduced by one. Continuing with the method described above, it can be shown that the error counter will alternately increase and then decrease. Because the increase is produced by step the size of the two units, and the reduction is made by step the size of the unit, the value of this counter in case of fraudulent use will increase, as shown in Fig.6. This counter will accept values 0, 2, 4, 3, 5, 4, 6, 5, 7, ... until then, until you exceed ogopogo values, since that generates the delay control words.

It should be noted that a case where the user decrypts only one control message of the two, as described with reference to Fig.6, is the most unfavorable case in relation to the detection of fraudulent use. It is easy to see that when the Scam decrypt all messages ECM control, the value of the error counter will increase faster, and the return control word protection module will be correspondingly delayed faster.

The protection module and coupled decoders

The rest of the description is applicable particularly, but not exclusively, in the case when the protection module and the decoder forming the multimedia module, coaxial. In this case, each of them contains one key of the asymmetric key pair, and this pair is different and unique for each module type decoder/security module. In this configuration, when activated multimedia module, the protection module and the decoder agree on the session key, which is usually a symmetric key. This session key is used to encrypt the control words CW that have been decrypted by the security module, before to be sent to the decoder. The use of such a session key creates a problem for the scammer using the splitter. In fact, pokolbasishsya key pair protection module/decoder 1 is different from the session key pair protection module/decoder 2, you must agree on a session key for each message reception ECM control for various channels. In the case illustrated in figure 3, when the message control alternately accepted for channel C1 and another channel C2, in accordance with the individual variants of the multimedia module, the session key should be consistent between each message received ECM control.

In order to reconcile such a session key, you must reset the security module. This is accomplished by sending the reset command in the multimedia module. This command, therefore, may be sent between each message ECM control. In this case, it is important that the counter value of the CE error was not cleared to zero. It is also desirable to increase the counter value in the case that the reset to zero corresponds to fraudulent use.

To do this, the protection module remembers the last time he got in volatile memory. This time is sent to, for example, a control center in the form of message control. When receiving a reset command this time is memorized in the nonvolatile memory.

Parallel to this, as already mentioned, the messages ECM controls contain the stamp TS of the time. Multimedia module or, more precisely, the security module also Zapovednik is inet period of time, called "waiting time", which, in principle, greater than or equal to cryptoperiod.

Upon receipt of each message ECM control protection module calculates the difference between the stamp TS of the time this message, the ESM and the most recent time taken before the last reset to zero, which is stored in the nonvolatile memory. If this difference is greater than the timeout, the error counter can be reset to zero or any value for which to return the control words there is no delay. If this difference is less than the timeout, this means that the protection module decrypt the message control shortly before reset to zero, which may correspond to a configuration that uses a splitter. The error counter is incremented in accordance with a predetermined rule, for example, on 3 units.

In accordance with the first embodiment with the point at which the control message has been processed "shortly" to reset to zero or the last saved time, i.e. in a time interval less than the waiting time, paid time delay. This prevents you from storing a value of the error counter in non-volatile memory. Instead, in the case of "legitimate" reset to zero for technical reasons conscientious user must wait until the time delay before h is m will be able to access audio and/or video. Moreover, if during this time will be switched channel, the counter value will be increased.

In accordance with another embodiment, the value of the error counter is stored in such a way that the reset command does not reset the error counter to zero. On the contrary, it is maintained the way it was before you reset to zero. Similarly, the reset command between each message ECM control quickly will prevent access to audio and/or video. Conversely, random reset to zero will not prevent access to audio and/or video material until a sufficient number of control messages has been processed correctly between two consecutive discharges to zero. In order to prevent any cumulative effect in normal conditions, if the period of time between the first message processing control (after reset to zero) and the time of the last treatment prior to discharge to zero sufficiently large (e.g. several hours), the error counter will be reset to zero. The time required to reset the counter to zero, can be determined in advance and is called idle time.

It should be noted that there are security modules, called multisensory who are able to remember a few of the session keys. In the case of standard what about the use of dialogue with the media module, or even with the node decryption content material which can be placed in the same device, provision may be made for each session key.

When accessing the protection module one of the blocks decryption will be added identification index. The protection module will process this message in the environment related to this unit and containing the session key (if functioning pairing), other identification data (law, credit) and data identifying fraudulent use, as described above. In particular this applies to the error counter, the time stamp of the last message processing and control values cryptoperiod.

Thus, the same protection module can work with multiple blocks decryption, checking that the total number of decoders associated with this module does not exceed a predetermined limit. This limit can be set in accordance with user settings.

Increase/decrease at different speeds

In the shown examples, the counter value increases faster than it decreases. It increases, for example, two units, when the difference between the timestamps of two consecutive control messages is less than cryptoperiod. It has increased by three units after each reset to zero, consider the AK incorrect, while reduced only by one after each correct reception. This makes it possible to avoid special cases in which, using the reset to zero and the correct processing of the control messages, you can keep a count of the errors in the range in which the scammers can always or almost always to have access to audio and/or video.

In accordance with another variant, it is possible to provide that the reduction was made faster than the increase.

The length of the delay

As shown previously, is usually provided for the introduction of a delay, when the value of the error counter reaches a certain threshold. Above this threshold, the delay may be proportional to the content of the counter, or may increase stepwise, or may be fixed. Usually this delay is done in order to prevent access to part of the audio and/or video for some time fraudulent use, and then to the entire audio and/or video after a longer period of fraudulent use.

In the examples described above indicate that the duration of cryptoperiod message management is extracted together with its time stamp, and then at the time you receive the following message control is the verification is to confirm equal to the difference between the time stamp of this message and the timestamp of the previous message to cryptoperiod or less. This means that cryptoperiod and the timestamp of the first message should be stored.

In accordance with one option, you can calculate the difference between the timestamps of two consecutive messages ECM, ESM management and to test whether this difference is equal to or less than cryptoperiod extracted from the second received message ESM. This approach has the advantage that you do not need to remember cryptoperiod and thereby it is possible to conserve memory.

In the examples described above, the value of the error counter may be between 0 and the threshold value, for example 10, or may exceed this threshold. If this value is between 0 and the threshold value, then the time delay no. If the threshold value is exceeded, the insertion delay. It is clear that you can limit the maximum value of the counter that will allow you to set limits on the number of correct consecutive messages that are to be decrypted, so that the counter value has again become less than the threshold value.

In accordance with one option, you can reverse the direction of the counter, which means that after each correct operation Desir the cation counter is incremented at that time, as during the fraudulent use count is decremented. In this case, the time delay is introduced when the counter contains a value somewhere between 0 and the threshold value, and if the counter value exceeds this threshold value, then the time delay is not included.

In the described examples mentioned using two decoders with one protection module. When fraudulent use, of course, you can connect more than two decoder to the security module via the splitter. According to the invention, it will block access to audio and/or video even faster, because the error counter will be increased accordingly faster.

1. Method for managing access to the data encrypted by control words (CW)received by the security module in the message (ECM) and control is returned to the module (STB) processing encrypted data containing the following steps:
receiving the first message (ECM) control containing at least one control word (CW) and the stamp (TS) time;
receiving a second message (ECM) control following the first message (ECM) control and the second control message includes at least one control word (CW) and the stamp (TS) time;
determination of the length of the time segment corresponding to the difference between the y marks (TS) time two consecutive messages (ECM, ECM) control;
increasing the value of the counter (CE) error if the duration time is less than a preset duration (CP);
the count is reduced (CE) error if the duration time is equal to or exceeds a preset duration;
the return control word (CW) in the module (STB) processing time, which depends on the value of the counter (CE) error.

2. The method according to claim 1, characterized in that the value of a preset length contains at least one message (ECM, ECM) control.

3. The method according to claim 1, characterized in that the value of the predetermined duration is contained in the message (EMM) authorization.

4. The method according to claim 3, characterized in that the value of the predetermined duration is shared by multiple devices, which transmit the encrypted data.

5. The method according to claim 1, characterized in that the value of a predetermined duration equal to the duration of the period of time during which data encrypt one control word (CW).

6. The method according to any one of claims 1 to 5, characterized in that the first message (ECM) control includes one stamp (TS) time, the second message (ACM) management includes another stamp (TS) of the belts, and the length of time separating two consecutive messages of the control corresponds to the difference between these timestamps (TS) time two control messages.

7. The method according to any one of claims 1 to 5, characterized in that the security module and/or the processing module includes a clock device, with the length of time separating two consecutive messages of the control corresponds to the difference between the receipt of the first message (ACM) management and receipt of the second message (ECM) control, and these moments are determined by time of the device.

8. The method according to claim 1, characterized in that the waiting time is zero when the counter value (CE) error is less than a predefined threshold value.

9. The method according to claim 1, characterized in that the increase in the value of the counter (CE) errors produced in accordance with pre-established rules.

10. The method according to claim 1, characterized in that the count is reduced (CE) errors produced in accordance with pre-established rules.

11. The method according to claim 9 or 10, characterized in that the predefined rules to increase the value of the counter (CE) errors and decrease the value of the counter (CE) various errors.

12. The method according to claim 11, characterized in that the increase in the value of the counter (CE) errors produce fast is it than decrease.

13. The method according to claim 1, characterized in that in the case of restarting the protection module further comprises the following steps: determining the time corresponding to the last time, the received multimedia module; determining the time of receipt of a new message (ECM) control; the dierence between these two times; increasing the value of the counter (CE) error if this difference is less than a predefined timeout.

14. The method according to item 13 wherein if the difference between the two times is more than a predefined period of inactivity, then restart counter (CE) error.

15. Device for controlling access to data encrypted by control words (CW)received by the security module in the message (ECM) and control is returned to the module (STB) processing encrypted data containing
means receiving the first message (ECM) control containing at least one control word (CW);
means receiving the second message (ECM) control following the first message (ECM) control and the second control message includes at least one control word (CW);
means for determining the duration of the time interval separating two consecutive messages (ECM, ESM) Council is to be placed;
means to increment a counter (CE) error if the duration time is less than a preset duration (CP);
means of reducing the value of the counter (CE) error if the duration time is equal to or exceeds a pre-specified duration.

16. The device according to item 15, characterized in that it further includes means for returning the control words (CW) in the module (STB) processing after a time that depends on the value of the counter (CE) errors.



 

Same patents:

FIELD: information technologies.

SUBSTANCE: invention relates to method of control of access to data (CT) coded by means of control words (CW) received by protection module in control messages (ECM) and returned to module of coded data processing. Control messages (ECM) contain at least the first control word (CW1) and the second control word (CW2), at the same time each of specified control words provides access to coded data (CT) during the specified period of time called cryptoperiod (CP). Method includes the following actions: transfer of coded data into at least one module of processing; and transfer of control messages (ECM) into specified processing module, besides, control messages (ECM) contain at least two specified control words (CW1, CW2) and are sent to processing module after transfer of data coded by means of the first control word (CW1) and prior to transfer of data coded by means of the second control word (CW2), time shift between transfer into module of processing of data coded by means of the first control word (CW1) and transfer of control message (ECM), containing the first control word (CW1) and the second control word (CW2), makes more than 75% of cryptoperiod.

EFFECT: prevents access to coded content with fraudulent use of two decoders with only one module of protection.

4 cl, 4 dwg

FIELD: information technologies.

SUBSTANCE: device (3400) for processing of coded data flow (3401), comprising a decoding module (3402) to generate decoded data flow (3403) from coded data flow (3401), detection module (3404) for detection of information on position of at least one intra-coded frame in coded data flow (3403) and substitution module (3405) for substitution on the basis of detected information on position of coded data flow (3401) parts with according parts of decoded data flow (3403).

EFFECT: increased efficiency, speed of data flow processing by means of selective substitution of only that data in data flow, which is required for further use of data flow.

28 cl, 37 dwg

FIELD: information technology.

SUBSTANCE: metadata which classify new bulletins as a whole and their separate subject matter are formed; said metadata are sent to a user terminal. Received metadata are recorded into memory which may or may not be integrated into the user terminal. Recorded metadata are compared with previously recorded news bulletins and their subject matter; based on said comparison, recorded news bulletins are divided into video files of news items; obtained video files are recorded into memory. A database of news items is created with possibility of further browsing in an audio-visual information display device. In order to provide the proper accuracy of dividing recorded news bulletins into video files of news items, the timing device of the user terminal is periodically corrected using standard time signals.

EFFECT: possibility of selection of separate news items of interest by a user, acquaintance with history of the news item previously browsed by the user, as well as with the entire spectrum of views on the browsed news item.

6 cl, 5 dwg

FIELD: physics; computer engineering.

SUBSTANCE: invention relates to an information processing device, an information recording medium and a method of processing information. Several content administration modules, which correspond to a name, index and some other information, are installed by dividing into parts content stored on an information recording medium. Different module keys, which are encryption keys, are allocated for different content administration modules. At least content data arriving in real time, included in each content administration module, are encrypted using the module key, and the encrypted data are stored. When playing back content, modules are identified, and decryption for playing back is carried out using the module key which corresponds to each module.

EFFECT: copyright administration for each part of data, obtained through segmentation of content recorded on a recording medium.

41 cl, 37 dwg

FIELD: physics, communications.

SUBSTANCE: invention concerns security modules actuated at device receiving encoded digital data; claimed method is particularly intended for transfer of data on date and current time to security module, and for decoding authorisation management based on validity period for data received or stored by indicated device. Method of authorisation duration control in security module installed in device with internal clock, where the device received digital data flow encoded with reference words included in authorisation reference messages, involves the following stages: data from internal device clock, including information on current time, are receiver over security module; information on current time is stored in security module; authorisation reference message requiring decoding of at least on reference word is received over security module; information on previous time when previous authorisation reference message was processed is read; authorisation reference message is processed if time indicated in current time information is ahead of time indicated in previous time information.

EFFECT: enhanced safety of data transfer.

10 cl, 1 dwg

FIELD: physics; computer engineering.

SUBSTANCE: present invention pertains to digital television (DTV), especially to the method of verifying identity of a subscriber terminal in a DTV network. The method of carrying out authentication procedure of at least one subscriber terminal comprises the following stages: reading out, using a set-top box (STB) at the subscriber terminal, the period of validity of the key and key information, stored in the subscriber identification module at the subscriber terminal when the set-top box is launched; initiation, using the STB, of sending a request for authentication to a central station, if the period of validity of the key has expired, and authentication by the central station, in accordance with the authentication request; determination by the central station of whether authentication has been successful, and if successful, sending a corresponding reply message, containing new key information, and a reply message on failure of authentication if otherwise; updating, through the STB, key information when a reply message on successful authentication has been received.

EFFECT: reduced congestion of a network or authentication server.

18 cl, 8 dwg

FIELD: information technologies.

SUBSTANCE: invention can be used in system of the forced performance of requirements which provides access possibility to the enciphered digital content on a computing mechanism only according to parametres the certain rights of the license got by the user of digital contents. The first confidential builder on the first computing mechanism carries out cryptographic, an estimate and the forced performance of requirements and forcedly contacts it, the first certificate of the user device corresponding to the first computing mechanism, forcedly contacts the user. Accordingly, the second confidential builder on the second computing mechanism carries out cryptographic processing, an estimate and the forced performance of requirements and forcedly contacts it, the second certificate of the user device corresponding to the second computing mechanism, also forcefully contacts the user. The first competent builder gains contents for reproduction on the first computing mechanism by means of the first certificate of the user device and the license, and the second confidential builder gains contents for reproduction on the second computing mechanism by means of the second certificate of the user device and the same license.

EFFECT: prevention of non-authorised duplication of digital content by the user related to the digital license and having of some computing mechanisms.

16 cl, 6 dwg

FIELD: information technologies.

SUBSTANCE: invention refers to method of control of decoding of program traffic set received by receiving system. Method of control of decoding of program traffic set received by receiving system implying that sequence of messages is received in conventional access subsystem (9, 10) comprising the specified receiving system, and each message is associated with one of coded program traffic set and represents information return enabling decoding of associated coded traffic by at least one decoding module (12) within receiving system. It is detected whether messages received within certain interval are associated with various coded program traffic set, and at least one of requests presented by messages received within certain interval is rejected, if number of various coded program traffics with which these messages are associated, exceeds preset value.

EFFECT: creation of receiving system, portable protector which enables program traffic provider to control program traffic set to which user of receiving system simultaneously addresses.

16 cl, 2 dwg

FIELD: information technology.

SUBSTANCE: decoder and subscription television data control system proposed contain at least two decoders, each of those is connected to at least one removable protective module. The protection is realised using identification data, contained in the decoder and protective module indicated. Besides, each of the decoders contains a descrambler and subscription television data processing deactivation units. Each decoder also contains a counter, which influences the deactivation units mentioned. Besides, at least one of the removable protective modules is assigned as primary and therefore contains decoder counter reinitialisation units.

EFFECT: provision of capability to regulate decoder operation time and to adjust operation parameters at any time using protective module.

19 cl, 13 dwg

FIELD: information encryption.

SUBSTANCE: system contains an encrypted data broadcasting centre, at least one control centre, a terminal device, a decoder located between the encrypted data broadcasting centre and the terminal device, the decoder includes an encrypted data reception and decryption module and a data access authority control module; the data access authority control module contains a protection module.

EFFECT: provision of system allowing to simplify access authority control at broadcasting centre level and ensuring optimal data security.

12 cl, 2 dwg

FIELD: information technologies.

SUBSTANCE: user generates identifier of secondary key on the basis of secondary key and the first variable of session related to the first session, and sends identifier of secondary key to application, generates traffic key related to specified identifier of secondary key and executes safe communication with specified application with the help of specified traffic key during the first session. At the same time the second variable of session is matched with the specified application for communication during subsequent second session.

EFFECT: improved confidentiality of user in communication system.

33 cl, 3 dwg

FIELD: information technologies.

SUBSTANCE: invention relates to method of control of access to data (CT) coded by means of control words (CW) received by protection module in control messages (ECM) and returned to module of coded data processing. Control messages (ECM) contain at least the first control word (CW1) and the second control word (CW2), at the same time each of specified control words provides access to coded data (CT) during the specified period of time called cryptoperiod (CP). Method includes the following actions: transfer of coded data into at least one module of processing; and transfer of control messages (ECM) into specified processing module, besides, control messages (ECM) contain at least two specified control words (CW1, CW2) and are sent to processing module after transfer of data coded by means of the first control word (CW1) and prior to transfer of data coded by means of the second control word (CW2), time shift between transfer into module of processing of data coded by means of the first control word (CW1) and transfer of control message (ECM), containing the first control word (CW1) and the second control word (CW2), makes more than 75% of cryptoperiod.

EFFECT: prevents access to coded content with fraudulent use of two decoders with only one module of protection.

4 cl, 4 dwg

FIELD: information technology.

SUBSTANCE: system receives multiple sets of authenticating data for a set of authentications from a set of authentication sources and presents the said set of authentications in a graphic user interface, where the graphic user interface includes a corresponding part for each of the said set of authentications, which is set up based on its set of authenticating data. The system can flexibly set up the graphic user interface.

EFFECT: flexible and broader setup of a user interface.

19 cl, 6 dwg

FIELD: information technology.

SUBSTANCE: method involves reception of a payload data element using a processing device; performing cryptographic authentication of the payload data element; storing the authenticated received payload data element in a data processing device, and protecting integrity of the stored payload data element. The cryptographic authentication process involves calculation of a control hash function value of at least the received data element. Protection of integrity also involves calculation the standard value of a message authentication code at least for the control hash function value using a secret key stored in the data processing device as input data.

EFFECT: more computationally efficient mechanism for providing security, which protects software and when loading software into a device.

34 cl, 11 dwg

FIELD: information technologies.

SUBSTANCE: method is based on series of information bits match with bits in bytes of colour presentation, with change of least significant bits in initial image and requiring minimum correction of statistical characteristics of only least significant bits, as a result of accidental nature of matches. Least significant bit is replaced in bytes in initial digital image, besides, flag value "one" is assigned to least significant bit in bytes of initial digital image, if part of digital image signal byte bits and message signal bits match, or flag value "zero" is assigned in case of non-match, at the same time correction of statistics of distribution of least significant bits is made by their remaining part, which is not used as flag values.

EFFECT: possibility to store and transfer large volumes of confidential information.

3 dwg

FIELD: information technologies.

SUBSTANCE: in method of safety authentication in each link of wireless network, upper level key holder (R0KH) receives and stores upper pair main key (PMK_0) for each query wireless device after process of authentication. All access points (AP) of authenticator accept the role of the first level key holder (R1KH) and receive pair main key of another level (PMK_1) from R0KH. Key of data protection of the communication line level is extracted from PMK_1 by means of 4-side quitting of communication according to standard 802.11i.

EFFECT: provision of hierarchical safety structure for each link of wireless network.

11 cl, 6 dwg

FIELD: information technologies.

SUBSTANCE: playstation analyses coded certificate stored in hard drive memory. Having detected hard drive, playstation obtains a coded certificate from hard drive memory and decodes it. Certificate contains parametres related to hard drive such as, for instance, serial number of hard drive, number of model, capacity of hard drive memory and trademark, specifying authentication of hard drive. Playstation also obtains specified parametres from hard drive in unencrypted form. Parametres extracted from coded certificate are compared to parametres read from hard drive memory in unencrypted form. If specified parametres correspond to each other, hard drive is considered to be authentic. Certificate is coded by personal key of pair of open-personal key and is decoded by according open key using available cryptographic methods of open key.

EFFECT: execution of playstation capable of determining whether hard drive is authorised to use with playstation.

17 cl, 6 dwg

FIELD: information technology.

SUBSTANCE: transmission method involves reception of a primary integrity key encrypted with a content key and at least one encrypted content stream from a content owner by a stream server; reception of a request from an electronic device for information on said content stream; formation of at least one initial value by the stream server; transmission of information in response to the said request on one content stream by the stream server to the said electronic device, where the said information contains at least one initial value and the primary integrity key encrypted with a content key; formation of at least one session integrity key in the said stream server using the said at least one initial value and the said primary integrity key; protection of integrity of at least one content stream in the said stream server using the said at least one session integrity key; and transmission to the said electronic device at least one content stream with integrity protection formed using at least one session integrity key.

EFFECT: higher protection of stream content.

38 cl, 4 dwg

FIELD: information technology.

SUBSTANCE: multiplication value decision unit (12) decides a multiplication value which is a positive value or a negative value corresponding to a bit value of each bit contained in a binary bit string constituting a scramble pattern generated in a pattern generation unit (11). A multiplication processing unit (13) multiplies symbol data representing each symbol value in the symbol data string formed by the multi-value symbol containing a predetermined pair of a positive value and a negative value having an identical absolute value, in the value area, by the multiplication value decided by the multiplication value decision unit (12). At that moment, the multiplication processing unit (13) successively executes multiplication between the symbol data for one symbol and the multiplication value decided in accordance with the bit value of the one bit contained in the scramble pattern until the number of symbols expressed by the symbol data string is reached.

EFFECT: scrambling a data string through simple processing, even when the function channel content is changed.

7 cl, 8 dwg

FIELD: information technology.

SUBSTANCE: key is generated in an electronic component for a specific cryptographic algorithm. For this purpose a prime number P is stored in memory of the electronic component and at least one secret prime number is generated. In order to generate a secret prime number at step /a/ two integers p1' and p2' whose sum is equal to a number p' are randomly selected; at step /b/ it is determined (12) whether the number p' is a prime number, on the basis of a combination of the stored prime number P with the numbers p1' and p2' so as to maintain said number p' secret; at step /c/ if the number p' is determined to be a prime number, numbers p1' and p2' are stored (14) in the memory of the electronic component, otherwise steps /a/ and /b/ are repeated.

EFFECT: higher efficiency of key generation method.

16 cl, 2 dwg

FIELD: information technologies.

SUBSTANCE: method to obtain personal user information from user of device, to authenticate the specified user, besides, obtained personal user information is stored in specified device, includes stages of automatic detection, as device is switched on, whether it is required to obtain personal user information from device user; at that it is required to obtain personal user information in case if the specified device does not contain any personal user information, or if personal user information already available in the specified device, is not complete, or if personal user information stored in the specified device is outdated; and to execute an action to obtain specified personal user information, if it has been detected that obtaining it is required.

EFFECT: facilitation of work with applications of electronic wallet.

18 cl, 2 dwg

Up!