CROSS-REFERENCE TO RELATED APPLICATIONS

This is a continuation of app. Ser. No. 09/748,313, filed Dec. 26, 2001, presently pending, which is a continuation of application Ser. No. 09/488,104, filed Jan. 20, 2000, U.S. Pat. No. 6,246,767, which is a continuation of U.S. app. Ser. No. 09/127,152, filed Jul. 31, 1998, now abandoned, which claimed the benefit of U.S. Provisional Application No. 60/054,575, filed Aug. 1, 1997, and is a CIP of application Ser. No. 09/111,958, filed Jul. 8, 1998, now abandoned, which claimed the benefit of U.S. Provisional Application No. 60/054,578, filed Aug. 1, 1997, and is CIP of application Ser. No. 08/767,535, filed Dec. 16, 1996, U.S. Pat. No. 6,005,938, and is a CIP of application Ser. No. 08/580,759 filed Dec. 29, 1995, U.S. Pat. No. 5,870,474, which claims the benefit of U.S. Provisional Application No. 60/007,962, filed Dec. 4, 1995, and is CIP of application Ser. No. 08/415,617, filed Apr. 3, 1995, U.S. Pat. No. 5,742,677.

RELATED PATENT APPLICATIONS

The present application descends from an application which was one of seven original applications with identical Detailed Descriptions. All of these applications have the same filing date and the same assignee. The serial numbers and filing dates of the six applications follow:

Ser. No. 09/126,783, filed Jul. 31, 1998, presently abandoned, for which a continuation Ser. No. 09/487,076 was filed on Jan. 19, 2000; Ser. No. 09/126,921, filed Jul. 31, 1998, issued as U.S. Pat. No. 6.157,719; Ser. No. 09/127,273, filed Jul. 31, 1998, presently abandoned, for which a continuation Ser. No. 09/493,409 was filed on Jan. 28, 2000; Ser. No. 09/127,352, filed Jul. 31, 1998, presently abandoned, for which a continuation Ser. No. 09/488,230 was filed on Jan. 20, 2000, presently allowed; Ser. No. 09/126,888, filed Jul. 31, 1998, presently abandoned, for which a continuation Ser. No. 09/464,794 was filed on Dec. 16, 1999; and Ser. No. 09/126,795, filed Jul. 31, 1998, issued as U.S. Pat. No. 6,105,134.

FIELD OF THE INVENTION

The invention concerns systems for protecting information and more particularly concerns systems for protecting information that is transmitted by means of a wired or wireless medium against unauthorized access.

BACKGROUND OF THE INVENTION

One way of distributing information is to broadcast it, that is, to place the information on a medium from which it can be received by any device that is connected to the medium. Television and radio are well-known broadcast media. If one wishes to make money by distributing information on a broadcast medium, there are a couple of alternatives. A first is to find sponsors to pay for broadcasting the information. A second is to permit access to the broadcast information only to those who have paid for it. This is generally done by broadcasting the information in scrambled or encrypted form. Although any device that is connected to the medium can receive the scrambled or encrypted information, only the devices of those users who have paid to have access to the information are able to unscramble or decrypt the information.

A service distribution organization, for example a CATV company or a satellite television company, provides its subscribers with information from a number of program sources, that is, collections of certain kinds of information. For example, the History Channel is a program source that provides television programs about history. Each program provided by the History Channel is an “instance” of that program source. When the service distribution organization broadcasts an instance of the program source, it encrypts or scrambles the instance to form encrypted instance. An encrypted instance contains instance data, which is the encrypted information making up the program.

An encrypted instance is broadcast over a transmission medium. The transmission medium may be wireless or it may be “wired”, that is, provided via a wire, a coaxial cable, or a fiber optic cable. It is received in a large number of set top boxes. The function of set-top box is to determine whether encrypted instance should be decrypted and, if so, to decrypt it to produce a decrypted instance comprising the information making up the program. This information is delivered to a television set. Known set top boxes include decryptors to decrypt the encrypted instance.

Subscribers generally purchase services by the month (though a service may be a one-time event), and after a subscriber has purchased a service, the service distribution organization sends the set top box belonging to the subscriber messages required to provide the authorization information for the purchased services. Authorization information may be sent with the instance data or may be sent via a separate channel, for example, via an out-of-band RF link, to a set top box. Various techniques have been employed to encrypt the authorization information. Authorization information may include a key for a service of the service distribution organization and an indication of what programs in the service the subscriber is entitled to watch. If the authorization information indicates that the subscriber is entitled to watch the program of an encrypted instance, the set-top box decrypts the encrypted instance.

It will be appreciated that “encryption” and “scrambling” are similar processes and that “decryption” and “descrambling” are similar processes: a difference is that scrambling and descrambling are generally analog in nature, while encryption and description processes are usually digital.

The access restrictions are required in both analog and digital systems. In all systems, the continued technological improvements being used to overcome the access restrictions require more secure and flexible access restrictions. As more systems switch from an analog format to a digital format, or a hybrid system containing both analog and digital formats, flexible access restrictions will be required.

Restricting access to broadcast information is even more important for digital information. One reason for this is that each copy of digital information is as good as the original; another is that digital information can be compressed, and consequently, a given amount of bandwidth carries much more information in digital form; a third is that the service distribution organizations are adding reverse paths which permit a set-top box to send a message to the service distribution organization, thereby permitting various interactive services.

Thus, the service distribution organizations require access restrictions which are both more secure and more flexible than those in conventional systems

BRIEF DESCRIPTION OF THE DRAWING

FIG. 1

is a block diagram of a conditional access system;

FIG. 2A

is a block diagram of the service instance encryption techniques disclosed herein;

FIG. 2B

is a block diagram of the service instance decryption techniques disclosed herein;

FIG. 3

is a more detailed block diagram of the service instance encryption and decryption techniques disclosed herein;

FIG. 4

is a block diagram of the techniques used to dynamically provide entitlement agents to a DHCT;

FIG. 5

is a block diagram of a digital broadband delivery system in which the conditional access system is implemented;

FIG. 6

is a block diagram of the conditional access system in the digital broadband delivery system of

FIG. 5

;

FIG. 7

is a diagram of am MPEG-2 transport stream;

FIG. 8

is a diagram of how EMMs are mapped into an MPEG-2 transport stream;

FIG. 9

is a diagram of how EMMs are mapped into an IP packet;

FIG. 10

is a diagram of how ECMs are mapped into a MPEG-2 transport stream;

FIG. 11

is a detailed diagram of an EMM,

FIG. 12

is a detailed diagram of a preferred embodiment of DHCTSE

627

;

FIG. 13

is a diagram of the contents of memory in DHCTSE

627

;

FIG. 14

is a diagram of how NVSCs are allocated to entitlement agents in a preferred embodiment;

FIG. 15

is a diagram of an EAD NVSC;

FIG. 16

is a diagram of other kinds of NVSCs;

FIG. 17

is a diagram of an event NVSC;

FIG. 18

is a diagram of a global broadcast authenticated message (GBAM);

FIG. 19

is a detail of the contents of one kind of GBAM;

FIG. 20

is a diagram showing how GBAMs may be used generally to provide data to a client application;

FIG. 21

is a diagram of a forwarded purchase message;

FIG. 22

is a diagram of the entitlement unit message in an ECM;

FIG. 23

is a diagram of a code message;

FIG. 24

is a diagram showing the relationship between TEDs and the rest of conditional access system

601

;

FIG. 25

is a detailed diagram of a TED;

FIG. 26

is an illustration of the coordinate system used for spotlight and blackout;

FIG. 27

shows how an area is computed in the coordinate system of

FIG. 26

;

FIG. 28

is a description of a public key hierarchy; and

FIG. 29

is a description of an EMM generator according to the present invention.

The reference numbers in the drawings have at least three digits. The two rightmost digits are reference numbers with a figure: the digits to the left of those digits are the number of the figure in which the item identified by the reference number first appears. For example, an item with reference number

203

first appears in FIG.

2

.

DETAILED DESCRIPTION OF A PREFERRED EMBODIMENT

The following Detailed Description will first provide a general introduction to a conditional access system and to encryption and decryption, will then describe how service instance encoding and decoding is done in a preferred embodiment, and will thereupon describe the techniques used in the preferred embodiment to authenticate the ECMs and EMMs of the preferred embodiment. Next, the Detailed Description will describe how EMMs can be used to dynamically add and remove access to services and the role of encryption and authentication in these operations. Finally, there will be a detailed exposition of how the techniques described in the foregoing are employed in a broadcast data delivery system with a node structure and a reverse path from the set top box to the head end, of how secure processors and memory are employed in the preferred embodiment to protect keys and entitlement information, and of how certain operations are performed in the preferred embodiment.

Conditional Access System Overview

FIG. 1

provides an overview of a system

101

for limiting access to broadcast information. Such systems will be termed in the as “conditional access systems”. A service distribution organization

103

, for example a CATV company or a satellite television company, provides its subscribers with information from a number of services, that is, collections of certain kinds of information. For example, the History Channel is a service that provides television programs about history. Each program provided by the History Channel is an “instance” of that service. When the service distribution organization broadcasts an instance of the service, it encrypts or scrambles the instance to form encrypted instance

105

. Encrypted instance

105

contains instance data

109

, which is the encrypted information making up the program, and entitlement control messages (ECM)

107

. The entitlement control messages contain information needed to decrypt the encrypted portion of the associated instance data

109

. A given entitlement control message is sent many times per second, so that it is immediately available to any new viewer or a service. In order to make decryption of instance data

109

even more difficult for pirates, the content of the entitlement control message is changed every few seconds, or more frequently.

Encrypted instance

105

is broadcast over a transmission medium

112

. The medium may be wireless or it may be “wired”, that is, provided via a wire, a coaxial cable, or a fiber optical cable. It is received in a large number of set top boxes

113

(0. . . n), each of which is attached to a television set. It is a function of set-top box

113

to determine whether encrypted instance

105

should be decrypted and if so, to decrypt it to produce decrypted instance

123

, which is delivered to the television set. As shown in detail with regard to set top box

113

(0), set top box

113

includes decryptor

115

, which uses a control word

117

as a key to decrypt encrypted instance

105

. Control word

117

is produced by control word generator

119

from information contained in entitlement control message

107

and information from authorization information

121

stored in set-top box

113

. For example, authorization information

121

may include a key for the service and an indication of what programs in the service the subscriber is entitled to watch. If the authorization information

121

indicates that the subscriber is entitled to watch the program of encrypted instance

105

, control word generator

119

uses the key together with information from ECM

107

to generate control word

117

. Of course, a new control word is generated for each new ECM

107

.

The authorization information used in a particular set top box

113

(

i

) is obtained from one or more entitlement management messages

111

addressed to set top box

113

(

i

). Subscribers generally purchase services by the month (though a service may be a one-time event), and after a subscriber has purchased a service, service distribution organization

103

sends set top box

113

(

i

) belonging to the subscriber entitlement management messages

111

as required to provide the authorization information

121

required for the purchased services. Entitlement management messages (EMMs) may be sent interleaved with instance data

109

in the same fashion as ECMs

107

, or they may be sent via a separate channel, for example via an out-of-band RF link, to set top box

113

(

i

), which stores the information from the entitlement management message (EMM)

111

in authorization information

121

. Of course, various techniques have been employed to encrypt entitlement management messages

111

.

Encryption and Decryption Generally

The encryption and decryption techniques used for service instance encoding and decoding belong to two general classes: symmetrical key techniques and public key techniques. A symmetrical key encryption system is one in which each of the entities wishing to communicate has a copy of a key; the sending entity encrypts the message using its copy of the key and the receiving entity decrypts the message using its copy of the key. An example symmetrical key encryption-decryption system is the Digital Encryption Standard (DES) system. A public key encryption system is one in which each of the entities wishing to communicate has its own public key-private key pair. A message encrypted with the public key can only be decrypted with the private key and vice-versa. Thus, as long as a given entity keeps its private key secret, it can provide its public key to any other entity that wishes to communicate with it. The other entity simply encrypts the message it wishes to send to the given entity with the given entity's public key and the given entity uses its private key to decrypt the message. Where entities are exchanging messages using public key encryption, each entity must have the other's public key. The private key can also be used in digital signature operations, to provide authentication. For details on encryption generally and symmetrical key and public key encryption in particular, see Bruce Schneier,

Applied Cryptography

, John Wiley and Sons, New York, 1994.

The design of an encryption system for a given application involves a number of considerations. As will be seen in the following, considerations that are particularly important in the broadcast message environment include the following:

key security: A symmetrical key system is useless if a third party has access to the key shared by the communicating parties, and a public key system is also useless if someone other than the owner of a given public key has access to the corresponding private key.

key certification: how can the recipient of a key be sure that the key he or she has received is really a key belonging to the entity to which the recipient wishes to send an encrypted message and not a key belonging to another entity which wishes to intercept the message?

message authentication: how can the recipient of a message be sure that the message is from the party it claims to be from, and/or that the message has not been altered?

speed of encryption and decryption: in general, symmetrical key encryption systems are faster than public key encryption systems are preferred for use with real-time data.

key size: in general, the longer the key used in an encryption system, the more resources will be required to break the encryption and thereby gain access to the message.

All of the foregoing considerations are influenced by the fact that the environment in which a condition access system operates must be presumed to be hostile. Many customers of broadcast services see nothing wrong with cheating the service provider and have nothing against tampering physically with the portion of the conditional access system that is contained in the receiver or using various cryptographic attacks to steal keys or to deceive the receiver about the source of the messages it receives. Moreover, the providers of the systems that actually broadcast the services do not necessarily have the same interests as the providers of the service content, and therefore need to control not only who can access a given instance of a service, but also what entities can offer services to a given receiver.

Service Instance Encryption and Decryption:

FIGS. 2A and 2B

In overview, the encryption system of the present invention uses symmetrical key encryption techniques to encrypt and decrypt the service instance and public key encryption techniques to transport a copy of one of the keys used in the symmetrical key techniques of the key from the service provider to the set-top box.

In

FIG. 2A

, clear services such as the elementary digital bit streams which comprise MPEG-2 programs are sent through a 1

st

level encryption called the Program Encrypt function

201

, which is preferably a symmetric cipher such as the well-known DES algorithm. Each elementary stream may be individually encrypted and the resulting encrypted streams are sent to MUX

200

to be combined with other elementary streams and private data, such as conditional access data. The key used in the Program Encrypt function

201

is called the Control Word (CW)

202

. The CW

202

is generated by control word Generator

203

which can be either a physically random number generator or can use a sequential counter with a suitable randomization algorithm to produce a stream of random CWs. A new CW is generated frequently, perhaps once every few seconds and is applied to each elementary stream on the same time scale. Each new CW is encrypted by Control Word Encrypt & Message Authenticate function

204

using a Multi-Session key (MSK)

208

provided by Multi-Session Key generator

205

. The CW is then combined into an ECM

107

with other service-related information. The ECM

107

is authenticated by Control Word Encrypt & Message Authenticate function

204

which produces a message authentication code using a key-hash value derived from the message content combined with a secret which can be shared with the receiving set-top box

113

. This secret is preferably part or all of the MSK

208

. The message authentication code is appended to the rest of the ECM

107

. The CW

202

is always encrypted before being sent along with the other parts of the ECM to MUX

200

. This encryption is preferably a symmetric cipher such as the Triple-DES algorithm using two distinct 56-bit keys (which taken together comprise MSK

208

).

The MSK

208

has a longer lifetime than CW

202

. The MSK lifetime is typically hours to days in length. MSK

208

is both encrypted and digitally signed by MSK Encrypt & Digital Signature function

206

before being sent to MUX

200

encapsulated in EMM

111

. MSK

208

and other parts of EMM

111

are preferably encrypted using a public key algorithm, such as the well-known RSA algorithm, with a public key associated with the specific set-top box

113

to which the EMM is addressed. The public keys of all set-top boxes

113

in a system

101

are stored in Public Key Data Base

207

. The public keys in this data base are preferably certified by a certificate authority. The digital signature function in

206

is preferably the RSA digital signature method, although others could be used. In the case of an RSA digital signature, the private key which is used to make the signature belongs to the entitlement agent within service distribution organization

103

responsible for authorizing the associated service.

In

FIG. 2B

, the corresponding DHCT private key and associated DHCT public secure micro serial number are stored in memory

232

of decoder

240

. Public secure micro serial number is provided so that demultiplexer

230

can select an encrypted multi-session key addressed to decoder

240

from transport data stream (TDS). Encrypted multi-session key E

Kpr

(MSK) is decrypted in decryptor

234

using DHCT private key from memory

232

to provide multi-session key MSK. Demultiplexer

230

also selects from transport data stream TDS encrypted control word (CW) E

MSK

(CW). The encrypted CW is processed in decryptor

236

using multi-session key MSK as the decryption key to provide the unencrypted CW. The unencrypted CW preferably changes at a high rate, for example, once every few seconds. Demultiplexer

230

also selects from transport data stream TDS encrypted service E

CW

(SERVICE). The encrypted service is processed in decryptor

238

using the CW as the decryption key to recover the unencrypted service.

Detailed Implementation of the Encryption System of FIG.

2

:

FIG. 3

FIG. 3

presents more details about a preferred implementation of the system of FIG.

2

. Encryption/decryption system

301

has two main components: service origination component

305

and service reception component

333

. The two are connected by a transmission medium

331

, which may be any medium which will carry a message from service origination component

305

to service reception component

333

. Service reception component

333

is implemented in a set-top box, termed hereinafter a digital home communications terminal (DHCT). It may, however be implemented in any device which has the necessary computation power, for example, a personal computer or work station or an “intelligent” television set. In the service origination component, at least the portion labeled

306

is typically implemented in equipment located at the head end of a broadcasting system such as a cable television (CATV) or satellite TV system. In some embodiments, however, the head end may be provided with already-encrypted instances of the service. The remaining portion

308

may also be located at the head end, but may also be located anywhere which has access of some king to head end

306

and service reception component

333

. The latter is particularly the case if the EMMs are sent out of band, for example by way of a wide-area network such as the Internet. Also, the transmission medium may be storage media, where the service origination point is the manufacturer of the media, and the service reception component may be the element which reads the storage media. For example, the transmission medium can be a CD-ROM, DVD, floppy disk, or any other medium that can be transferred, physically, electronically, or otherwise.

Beginning with service origination portion

305

, random number generator

307

is used to generate MSK

309

. Next, an EMM

315

containing MSK

309

and related information is produced. EMM

315

also includes a sealed digest. The sealed digest has two purposes: to ensure that the information placed in EMM

315

by service origination

305

is the same information that arrives at DHCT

333

and to ensure that the information has in fact come from an entity which is empowered to give access to the service.

The sealed digest is made in two stages: first, a digest of the EMM's contents (here, MSK

309

and the related information) is made by hashing the contents in a secure one-way hash function to produce a relatively short bit string. The secure one-way hash function has three properties:

the contents that were hashed to produce the short bit string can be determined from the short bit string; and

any change in what is hashed produces a change in the short bit string; and

it is computationally infeasible to construct a different message which produces the same short bit string as the EMM.

The short bit string output of the hash function can thus be used to determine whether the contents of the EMM have changed in transit without disclosing these contents. The preferred embodiment uses the Message Digest

5

one way hash function, as indicated by the notation MD

5

. For details on one-way hash functions, see the Schneier reference, supra. The digest is a sealed digest because it is encrypted with a private key SP Kr

310

belonging to the entitlement agent (EA) that has the right to give the DHCT access to the service for which the MSK is used to produce the key. Before the sealed digest can be used to check whether the EMM was transmitted correctly, it must be decrypted using the entitlement agent's public key. The sealed digest thus confirms to the DHCT both that the contents of the EMM have been transmitted correctly and that the source of the EMM is the entitlement agent.

Once the sealed digest is made, the contents of the EMM (here, MSK

309

and the related information) are encrypted with the public key DHCT Ku

312

of the DHCT

333

to which EMM

315

is addressed and EMM

315

, containing the encrypted contents and the sealed digest, is sent via transmission medium

331

to the DHCT

333

. In the following, the notation Kr is used to indicate a private key and Ku is used to indicate a public key. The notation RSA indicates that the encryption is done using the well-known RSA public key encryption algorithm.

As shown in DHCT

333

, EMM

315

can only be decrypted by the DHCT

333

whose private key

337

(DHCT Kr) corresponds to the public key used to encrypt EMM

315

. DHCT

333

decrypts EMM

315

and uses the sealed digest to determine whether the EMM

315

was correctly transmitted. The determination is made by using public key SP Ku

335

for the entitlement agent to decrypt the sealed digest. Then the contents of EMM

315

are hashed using the same secure one-way hash function that was used to make the digest. If the results of this hash are identical to the decrypted sealed digest, the determination succeeds. The check with the sealed digest will fail if the transmission to the DHCT

333

was corrupted in transit, if DHCT

333

does not have the private key corresponding to the public key used to encrypt the EMM (i.e., is not the DHCT

333

for which EMM

315

was intended), or if DHCT

333

does not have public key

335

(SP Ku) corresponding to the private key of the EA that was used to make the sealed digest. The latter will be the case if the DHCT

333

has not been given access to services provided by the entitlement agent. EMMs

315

addressed to DHCT

333

are sent repeatedly; consequently, if the problem was corruption in transit, an uncorrupted EMM

315

will be received shortly and the determination will succeed. How DHCT

333

comes to have SP Ku

335

needed to decrypt the sealed digest will be explained in more detail later.

The next stage in service orientation

305

is generating control word

319

used to actually encrypt service instance

325

and generating the ECM

323

which carries the information needed to decrypt the service instance to DHCT

333

. The control word

319

is generated by random number generator

317

. This can be a true random number generator, whose output is the result of some basic underlying random physical process, or some other means, for example, the result of encrypting a value, called a “counter” (which increments by one after each use) with 3DES, using the MSK as the key. In the case of a true random number, the encrypted control word is transmitted in the ECM. In the case of the counter-based control word generation, the clear version of the “counter” is used in the transmitted ECM. As mentioned above, the control word is a short-term key, i.e. it has a life time of a few seconds or less. Included in the ECM

323

is a digest of the contents plus the MSK which is made using the MD

5

one-way hash just described. The inclusion of the MSK in making the digest gives the entitlement agent to which the ECM

323

belongs a shared secret with the DHCTs

333

that are entitled to receive service instances from the entitlement agent and consequently prevents “spoofing” of ECMs

323

, that is, provision of ECMs

323

from a source other than the entitlement agent. As will be seen in more detail later, the preferred embodiment uses the shared secret technique generally to authenticate messages which contain messages that have real-time value with regard to an instance of a service.

ECM

323

is sent together with encrypted content

329

to DHCT

333

. The first ECM

323

for a given portion of encrypted content

329

must of course arrive at DHCT

333

before the encrypted content does. In the preferred embodiment, content

325

and ECM

323

are encoded according to the MPEG-2 standard. The standard provides for a transport stream which includes a number of component streams. Some of these carry content

329

, another carries the ECMs

323

, and a third carries the EMMs

315

. Only the streams carrying content

329

are encrypted according to DES

329

; since the control words in ECMs

323

and the contents of EMMs

315

have already been encrypted, no further encryption is needed when they are sent in the MPEG-2 transport stream. The manner in which EMMs and ECMs are transported in the MPEG-2 transport stream will be described in more detail later.

When an ECM

323

is received in DHCT

333

, control word

319

is either decrypted or found by encrypting the counter value at

343

using the MSK. The integrity of the contents of the ECM

323

is checked by comparing the value resulting from hashing the contents plus some or all of the MSK (based on cryptographic principles) in the one-way hash function with the message digest contained in ECM

323

. Included in the contents are control word

319

and information identifying the service instance

325

which ECM

323

accompanies. The identifying information is used together with the authorization information received with EMM

315

to determine whether DHCT

333

is authorized to receive the service instance

325

. If it is, control word

319

is used in service decryptor

347

to decrypt encrypted content to produce original content

325

.

System

301

offers a number of advantages with regard to security. It takes advantage of the speed of symmetrical encryption systems where that is needed to decrypt encrypted content

329

and the control word in ECM

323

. The control word is protected by encrypting it using the MSK, and ECM

323

is authenticated by using some or all of MSK

309

as a shared secret between the entitlement agent and DHCT

333

. MSK

309

is protected in turn by the fact that it is sent is an EMM which is encrypted using the DHCT's public key and by the fact that the EMM includes a sealed digest which is encrypted using the entitlement agent's private key. Further security is provided by the fact that service identification information from ECM

323

must agree with the authorization information received in EMM

315

before control word

319

is provided to service decryptor

347

. For example, as described in detail in the Banker and Akins parent patent application supra, one use of the information in ECM

323

and EMM

315

is to prevent what are termed “replay attacks” on the encrypted services. In addition to being secure, system

301

is flexible. The authorization information contained in EMM

315

and the service identification information contained in ECM

323

together permit a wide range of access to service instances received in DHCT

333

.

Dynamic Provision of Multiple Entitlement Agents to DHCT

333

:

FIG. 4

The use of the sealed digest in EMM

315

means that DHCT

333

will not respond to EMM

315

unless it has a public key for the entitlement agent that has the power to give entitlements to the service to be decrypted by the MSK in EMM

315

. This is part of a broader arrangement which makes it possible to dynamically provide DHCT

333

with one or more entitlement agents and to dynamically remove provided entitlement agents from DHCT

333

.

The entity which provides and removes entitlement agents is called the conditional access authority (CAA). The arrangement further permits entitlement agents that have been provided to DHCT

333

to dynamically modify their authorization information in DHCT

333

. All of the information needed to perform these operations is sent via EMMs, with the sealed digests being used to ensure that only the CAA may add or remove entitlement agents and that only the entitlement agent to which authorization information belongs may modify the authorization information.

The above arrangement has a number of advantages:

It permits multiple entitlement agents.

It permits dynamic addition and removal of entitlement agents.

It places limits on the services to which an entitlement agent may grant entitlements, but otherwise permits entitlement agents to manage their own authorization information.

It separates the business of providing entitlements to services and service instances from the business of actually providing instances of the service; consequently, a CATV operation may simply run as a distribution utility.

It separates the business of giving an entity the right to be an entitlement agent from the business of being an entitlement agent.

It provides an easy way of permitting a customer to change entitlement agents as he or she sees fit.

It provides a secure arrangement whereby a DHCT

333

may communicate by means of a reverse path with an entitlement agent, a conditional access authority, or potentially the provider of the instances of the service.

FIG. 4

shows how the arrangement is implemented in a preferred embodiment.

FIG. 4

is best understood as an extension of FIG.

3

. Both FIG.

4

and

FIG. 3

have the same major components: service origination

305

, DHCT

333

, and transmission medium

331

for coupling the two. Further, encryptor

313

and decryptor

339

are used in both figures. Moreover, as indicated by reference number

308

, the EMMs may be either sent together with a service instance or by another channel.

FIG. 4

further shows an additional component of DHCT

333

, namely EMM manager

407

. EMM manager

407

is implemented in software executed in a secure processor in DHCT

333

. The task of EMM manager

407

is to respond to EMMs which add or remove entitlement agents and to EMMs which modify the authorizations for an entitlement agent. EMM manager

407

further provides messages by means of which DHCT

333

may communicate with an entitlement agent or a conditional access authority.

Initially, EMMs that modify an entitlement agent's authorization information are made in response to modification information

403

provided by the entitlement agent or required by the network operator. As shown at

313

, the modification information is encrypted using the public key

312

for DHCT

333

and has a sealed digest that is encrypted using the private key

310

for the entitlement agent. The resulting authorization modification EMM

405

is sent via transmission medium

331

to decryptor

339

in DHCT

333

, where it is decrypted and checked in the manner described above for EMMs

315

containing an MSK. The EA modification information

403

contained in the EMM goes, however, to EMM manager

407

, which uses the information to modify the authorization information for the entitlement agent in DHCT

333

. Examples of modifications include adding or canceling services provided by the entitlement authority and changing the conditions under which access to instances of a given service will be granted.

As indicated above, the sealed digest is encrypted using the private key of the entitlement agent. Consequently, the validity of the EMM can only be determined if DHCT

333

has the entitlement agent's public key. The public key for an entitlement agent is provided to DHCT

333

by an EA allocation EMM

413

from a conditional access authority. EMM

413

contains entitlement agent allocation information

409

from the conditional access authority: at a minimum, entitlement agent allocation information

409

contains the public key for the entitlement agent; it may also contain information about the amount of memory an entitlement agent may have in DHCT

333

and about classes of service that an entitlement agent may offer. For example, the entitlement agent may not be permitted to offer interactive services. Information

409

is encrypted with the public key

312

of DHCT

333

, and the sealed digest is encrypted with private key

411

of the conditional access authority.

In DHCT

333

, EMM

413

is decrypted using private key

337

belonging to DHCT

333

and the sealed digest is decrypted using CAA public key

415

. If the digest confirms the correctness of the contents of the EMM. EMM manager

407

allocates storage for the entitlement agent whose public key is contained in EMM

413

That done, EMM manager

407

places the entitlement agent's public key in the storage. The storage provides a place to store the entitlement agent's public key, the authorization information for the services and service instances provided by the entitlement agent, and the MSKs provided by the entitlement agent. Once DHCT

333

has the entitlement agent's public key and storage for the entitlement agent's authorization information and MSK. EMM manager

407

can respond to EMMs from the entitlement agent. Of course, in order to decrypt the sealed digest, DHCT

333

must have public key

415

for the conditional access authority. As will be explained in more detail later on, in a preferred embodiment, public key

415

and the public and private keys for DHCT

333

are installed in DHCT

333

at the time that DHCT

333

is manufactured.

When a customer orders a service, the arrangements just described interact as follows:

1. If the service is provided by an entitlement agent for which the customer's DHCT

333

does not have the public key, the conditional access authority must first send EA allocation EMM

413

to DHCT

333

; EMM manager

407

responds by allocating storage for the entitlement agent. Only the conditional access authority can send EA allocation EMM

413

, and consequently, the conditional access authority (CAA) can control access by entitlement agents to customers of a particular service distribution organization.

2. If DHCT

333

has the entitlement agent's public key, either because step (1) has just been performed or was performed at some time in the past, the entitlement agent sends modification EMM

405

with the authorization information for the newly-ordered service or service instance to DHCT

333

. EMM manager

407

responds thereto by storing the authorization information in the allocated space.

3. Once step (2) is done, DHCT

333

can receive EMM

315

with the MSK for the service form the entitlement agent. EMM manager

407

stores the MSK in the allocated space.

4. When the actual service instance is sent, it is accompanied by ECMs containing the current control word. The MSK is used to decrypt the ECMs and the control words obtained from the ECMs are used to decrypt the instance of the service.

The above use of EMMs and ECMs to control access to instances of a service thus guarantees that no entitlement agent will have access to DHCT

333

without permission of the conditional access authority and that no DHCT

333

will have access to an instance of a service without permission of the entitlement agent for the service. It also makes it possible for the entitlement agent to be in complete control of the service. Access to the service is defined by the EMMs

405

and

315

, and these may be sent by the entitlement agent to DHCT

333

independently of the service distribution organization. Further, it is the entitlement agent which provides the MSK used to generate control words and decrypt the ECM to both the service distribution organization and DHCT

333

. Indeed, if the entitlement agent wishes to do so, it can itself provide encrypted instances of the services to the service distribution organization, which, in such a case, merely functions as a conduit between the entitlement agent and DHCT

333

.

Secure Transmission of Messages via the Reverse Path

FIG. 4

also shows how the techniques used to ensure the security of EMMs are also used to ensure the security of messages sent from DHCT

333

. The example shown in

FIG. 4

is a forwarded purchase message (FPM). The forwarded purchase message is used for the interactive purchase of an instance of a service. One example of such a purchase is what is called impulse pay-per-view, or IPPV. In such a system, the beginning of an event, for example, a baseball game, is broadcast generally and customers can decide whether they want to see all of it. In that case, they must provide input to DHCT

333

that indicates that they wish to see the entire event. EMM manager

407

responds to the input by making the FPM and sending it to the entitlement agent so that the entitlement agent can charge the customer for the event and send an EMM

315

confirming that DHCT

333

may continue to decrypt the event. The information needed by the entitlement agent is forwarded entitlement information

417

; to ensure the privacy of the customer, this information is encrypted using the 3DES algorithm with a key

420

, as shown at

343

, to produce encrypted forward entitlement information

419

. The key

420

is composed of two 56-bit DES keys. The 3DES encryption operation is a sequence of three DES operations: encryption using the first DES key, decryption using the second DES key, and encryption using the first DES key. Then key

420

is encrypted using the public key

335

of the entitlement agent and the sealed digest is made using the private key of DHCT

333

. All of these parts together make up forwarded purchase message

421

, which is addressed to the entitlement agent.

At the entitlement agent, key

420

is decrypted using the entitlement agent's private key

310

, and the sealed digest is decrypted using the public key

312

of the DHCT. If the Encrypted Forwarded Entitlement Information (EFEI)

419

contained in the FPM

421

is determined not to have been tampered with, it is passed to 3DES decryption

443

, which decrypts it using key

420

and provides forwarded entitlement information

417

to the entitlement agent. As will be immediately apparent, the same technique, with or without the 3DES encryption of the contents of the message, can be used to send messages to any entity for which DHCT

333

has the public key. At a minimum, this includes the CAA and any entitlement agent which has been allocated memory in DHCT

333

.

Authentication of Global Broadcast Messages

A global broadcast message is one which is not addressed to any individual DHCT

333

or to any group of DHCTs

333

. In a preferred embodiment, global broadcast messages accompany instances of services and contain information that is relevant to the instance they accompany. Consequently, the encryption and authentication techniques used in the global broadcast messages must permit rapid decryption and authenticity checking. One example of a global broadcast message is the ECM. Other examples are the different types of global broadcast authenticated messages, or GBAMs. As with ECMs, it is necessary to prevent global broadcast messages from being spoofed, and it is done in the same fashion as with the ECMs. More specifically, the digest is made using some or all of the MSK together with the content of the global broadcast message. The MSK thus functions as a shared secret between the entitlement agent and DHCT

333

. When EMM manager

407

receives the global message, it makes a digest using the contents of the received message and the MSK and responds to the received message only if the digest agrees with the one contained in the message. An advantage of using a digest made with the MSK to authenticate the global broadcast message is that the digest may be both made and checked very quickly.

Implementation of the Conditional Access System in a Digital Broadband Delivery System

The foregoing has described the conditional access system in terms of ECMs, EMMs, and other messages and in terms of the manner in which the messages and their digests are encrypted and decrypted. The conditional access system as just described will work with any communications arrangement which permits an instance of a service to be delivered to a DHCT together with ECMs and other broadcast messages and which permits the DHCT to receive EMMs from a conditional access authority and one or more entitlement agents. The conditional access system is, however, particularly well-suited for use in a modern digital broadband delivery system, and the following will describe how the conditional access system is implemented in such a delivery system.

Overview of the Digital Broadband Delivery System:

FIG. 5

FIG. 5

provides an overview of digital broadband delivery system (DBDS)

501

. DBDS

501

includes service infrastructure

503

, a headend

515

, a transport infrastructure

517

, hubs

519

(0. . . n), access networks

521

(0. . . n), and Digital Home Communications Terminals (DHCTs)

333

. The service infrastructure consists of Value-Added Service Provider (VASP) systems

509

, which are systems that provide services to the broad band delivery system, the Digital Network Control System (DNCS)

507

, which manages and controls services provided by means of DBDS

501

, the Administrative Gateway (AG)

505

, which is a source of service provisioning and authorization information in DBDS

501

, Network Management System (NMS)

511

, which maintains a database of system status and performance information, and the Core Network

513

, which interconnects other Service Infrastructure

503

components with headend

515

. In a preferred embodiment, Core Network

513

consists of ATM-based switching and transmission facilities. Headend

515

provides an interface between service infrastructure

503

and transport infrastructure

517

. Transport infrastructure

517

provides a high-bandwidth interconnection from headend

515

to hubs

519

(0. . . n). Each hub

519

(

i

) serves an access network

521

(

i

), which consists of hybrid fiber coax (HFC) nodes

523

connected via a coax bus network to DHCTs

333

. A given DHCT

333

(

k

) in DBDS

501

thus belongs to an HFC node

532

(

j

) in an access network

521

(

i

). Transport infrastructure

517

and access network

523

may provide only a forward channel from head end

515

to a given DHCT

333

(

k

), but preferably provide both a forward channel and a reverse path. Each instance of a DBDS

501

generally provides service to a metropolitan area.

DBDS

501

can be implemented in a variety of configurations to fit the circumstances of a particular service environment. For example, headend equipment may be deployed within headend

515

, within a hub

519

(

i

), or part of a VASP system

509

. DNCS components

506

may be deployed within headend

515

or distributed among the hubs

519

. Transport infrastructure

517

may utilize SONET add/drop multiplexing, analog fiber technology, or other transmission technologies.

Overview of the Conditional Access System:

FIG. 6

FIG. 6

shows the components of a preferred embodiment of conditional access system

601

in DBDS

501

. Conditional access system

601

is a collection of components DNCS

507

, headend

515

, and DHCT

333

that together provide security and conditional access services.

The components of conditional access system

601

perform the following functions:

1. encrypting the service content

2. encrypting the control words used for service encryption

3. authenticating the ECMs that contain the encrypted control words

4. passing the ECMs to DHCTs

5. managing a subscriber authorization database

6. encrypting and authenticating EMMs containing subscriber entitlement information

7. passing the EMMs to DHCTs

8. decrypting the EMMs and checking their authenticity at the DHCTs

9. responding to the EMMs by modifying entitlement information in the DHCTs

10. responding to the ECMs by authenticating them, decrypting the control word, and checking entitlement at DHCT

333

, and

11. if the ECM is authentic and the authorization permit, decrypting the service content.

These requirements are met by the following components of conditional access system

601

:

Stream Encryption & ECM Streamer Modules

620

in head end

515

;

Control Suite

607

in DNCS

507

;

I. Transaction Encryption Device

605

in head end

515

, with secure line to DNCS

507

;

II. Service Decryptor Module

625

in DHCT

333

;

III. Security Manager Module

626

in DHCT

333

; and

IV. DHCTSE

627

in DHCT

333

.

FIG. 6

depicts a typical configuration of these components for securing digital services within DBDS

501

. In the following, the components will be described in more detail.

Service Encryption & ECM Streamer Module

620

Service Encryption and ECM Streamer (SEES) module

620

is a component of QAM Modulator

619

that operates under direction of control suite

607

to encrypt the MPEG-2 transport stream packets that are employed in the preferred embodiment to transmit service content

325

. As shown in

FIG. 6

, service content

325

may be received from sources such as a digital satellite distribution system

613

, a digital terrestrial distribution system

611

, of a media server

609

. Media server

609

may be connected to head end

515

by a broadband integrated gateway

615

. SEES

620

uses MSK

309

to generate the control words

319

used for service encryption and creates ECMs

323

for transporting the control words together with encrypted service content

329

within the outgoing MPEG-2 Transport Stream. SEES

620

encrypts the control words in the ECMs

323

with MSKs

309

. The MSKs are generated by TED

603

and are sent to SEES

620

in encrypted form in EMM-like messages.

DHCT

333

DHCT

333

is connected between the HFC network

521

and the customer's television set. DHCT

333

receives and interprets EMMs, ECMs, and GBAMs and decrypts instances of services. DHCT

333

further provides the customer interface for DBDS

501

and receives customer input

628

from the customer. In response to the customer input, DHCT

333

may generate FPMs or other messages that travel via the reverse path to the CAA or to EAs. In a preferred embodiment, DHCT

333

is implemented using a combination of general purpose processors. ASICs, and secure elements (which may be implemented discretely or integrated). For purposes of the present discussion, DHCT

333

has three important components: service decryption module

625

, security manager

626

, and DHCT secure element (DHCTSE)

627

. Service decryption module

625

is preferably implemented in an ASIC, and security manager

626

is preferably implemented in software. DHCTSE