DE19511298A1 - Method of allotting and withdrawing reception authorisation for chargeable reception - Google Patents

Method of allotting and withdrawing reception authorisation for chargeable reception

Info

Publication number
DE19511298A1
DE19511298A1 DE1995111298 DE19511298A DE19511298A1 DE 19511298 A1 DE19511298 A1 DE 19511298A1 DE 1995111298 DE1995111298 DE 1995111298 DE 19511298 A DE19511298 A DE 19511298A DE 19511298 A1 DE19511298 A1 DE 19511298A1
Authority
DE
Germany
Prior art keywords
decoder
keys
key
nodes
node
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
DE1995111298
Other languages
German (de)
Other versions
DE19511298B4 (en
Inventor
Joerg Dr Rer Nat Schwenk
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Deutsche Telekom AG
Original Assignee
Deutsche Telekom AG
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Deutsche Telekom AG filed Critical Deutsche Telekom AG
Priority to DE1995111298 priority Critical patent/DE19511298B4/en
Publication of DE19511298A1 publication Critical patent/DE19511298A1/en
Application granted granted Critical
Publication of DE19511298B4 publication Critical patent/DE19511298B4/en
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04HBROADCAST COMMUNICATION
    • H04H60/00Arrangements for broadcast applications with a direct linking to broadcast information or broadcast space-time; Broadcast-related systems
    • H04H60/09Arrangements for device control with a direct linkage to broadcast information or to broadcast space-time; Arrangements for control of broadcast-related services
    • H04H60/14Arrangements for conditional access to broadcast information or to broadcast-related services
    • H04H60/23Arrangements for conditional access to broadcast information or to broadcast-related services using cryptography, e.g. encryption, authentication, key distribution
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • H04L9/0833Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key
    • H04L9/0836Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key using tree structure or hierarchical structure
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00Television systems
    • H04N7/16Analogue secrecy systems; Analogue subscription systems
    • H04N7/162Authorising the user terminal, e.g. by paying; Registering the use of a subscription channel, e.g. billing
    • H04N7/163Authorising the user terminal, e.g. by paying; Registering the use of a subscription channel, e.g. billing by receiver means only
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00Television systems
    • H04N7/16Analogue secrecy systems; Analogue subscription systems
    • H04N7/167Systems rendering the television signal unintelligible and subsequently intelligible
    • H04N7/1675Providing digital key or authorisation information for generation or regeneration of the scrambling sequence
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04HBROADCAST COMMUNICATION
    • H04H2201/00Aspects of broadcast communication
    • H04H2201/70Aspects of broadcast communication characterised in that receivers can be addressed

Abstract

The method could use a three-branch tree with two branching levels, such that the keys for the branches K (2,i) are stored in a decoder Di or a chip card, i having the values from 1 to 9. The root possesses the system key SK = K (O,1), while the keys for the other nodes are given. The keys stored in the decoder serve for decoding the received cryptograms or control words. Each cryptogram can allow a decoder to receive programmes, for example along the branch from K(2,1), through K(1,1) to SK = (0,1), when the decoder is D1 and the key is K(2,1).

Description

Die Erfindung betrifft ein Verfahren zur Erteilung und zum Entzug der Berechtigung zum Empfang von Rundfunksendungen, die durch Verschlüsselung geschützt sind, mit einem Decoder und einen zur Durchführung des Verfahrens geeigneten Decoder.The invention relates to a method for issuing and Revocation of the right to receive radio broadcasts, protected by encryption with a decoder and a suitable one for carrying out the method Decoder.

Gebührenpflichtige Rundfunksendungen, die auch unter den Stichworten Pay-TV, Pay-Radio, bekanntgeworden sind, werden mit einem Schlüssel CW verschlüsselt. Benutzer werden dadurch zum Empfang berechtigt, daß man ihnen den Schlüssel (Kontrollwort) CW vertraulich zukommenläßt. Dazu wird im allgemeinen dem Benutzer ein persönlicher Schlüssel PK zur Verfügung gestellt, der meist physikalisch gegen Vervielfältigung gesichert, beispielsweise auf einer Chip-Karte gespeichert ist.Chargeable radio broadcasts, which are also available under the Keywords Pay-TV, Pay-Radio, have become known encrypted with a key CW. Become a user authorized to receive them by giving them the key (Control word) CW sends confidentially. For this, in general a personal key PK for the user Provided that is usually physically against Duplication secured, for example on a Chip card is saved.

Das Kontrollwort CW wird verschlüsselt als Kryptogramm ECM (Entitlement Control Message) über einen Datenkanal des Rundfunksenders vom Empfänger bzw. Decoder empfangen. Durch Entschlüsselung dieses Kryptogramms mit Hilfe des persönlichen Schlüssels PK wird das Kontrollwort CW wiedergewonnen. Bei dem unter dem Namen EuroCrypt bekanntgewordenen System wird ein weiteres Kryptogramm EMM (Entitlement Management Message) eines Schlüssels SK gesendet. Dieses Kryptogramm kann mit Hilfe von PK entschlüsselt werden. Der so erhaltene Schlüssel SK dient zur Berechnung von CW aus dem Kryptogramm ECM. Dieses Zugangskontrollsystem ist in DIN EN 50094 beschrieben. Sicherheitshalber wird der Schlüssel CW häufig gewechselt.The control word CW is encrypted as a cryptogram ECM (Entitlement Control Message) via a data channel of the Broadcast transmitter received by the receiver or decoder. By  Decrypt this cryptogram using the personal key PK becomes the control word CW recovered. With the one under the name EuroCrypt known system is another cryptogram EMM (Entitlement Management Message) a key SK sent. This cryptogram can be created using PK be decrypted. The key SK thus obtained serves to calculate CW from the cryptogram ECM. This Access control system is described in DIN EN 50094. To be on the safe side, the CW key is changed frequently.

Eine wichtige Aufgabe des Zugangskontrollsystems besteht darin, Benutzern, die ihre Gebühren nicht bezahlt haben, die Berechtigung zum Empfang der Rundfunksendung zu entziehen. Dieses kann einerseits durch eine negative Adressierung geschehen, bei welchem an den Decoder eine Nachricht geschickt wird, in welcher dieser aufgefordert wird, seine Tätigkeit einzustellen. Diese Möglichkeit ist jedoch grundsätzlich unsicher, da derartige Nachrichten von einem betrügerischen Benutzer abgefangen werden können und damit unwirksam sind.An important task of the access control system is in giving users who haven't paid their fees the To withdraw authorization to receive the broadcast. This can be done on the one hand through negative addressing happen at which a message to the decoder is sent in which this is requested, his Cease activity. However, this possibility is generally insecure, since such messages from one fraudulent users can be intercepted and thus are ineffective.

Bei der positiven Adressierung wird eine Abschaltung des Decoders dadurch bewirkt, daß die in ihm enthaltene Information wertlos gemacht wird. Das geschieht dadurch, daß alle anderen Decoder neue Informationen erhalten, die zum Entschlüsseln zukünftiger Rundfunksendungen unbedingt gebraucht werden, nur der abzuschaltende Decoder nicht.With positive addressing, the Decoders thereby causes that contained in it Information is made worthless. This happens because all other decoders receive new information about the Decrypt future broadcasts unconditionally are needed, only the decoder to be switched off.

Das Verfahren der positiven Adressierung führt zwar mit Sicherheit zur Abschaltung des Decoders des jeweiligen Benutzers, es ist allerdings mit großem Aufwand verbunden, da zum Abschalten eines Decoders Nachrichten an alle anderen Decoder gesendet werden müssen.The procedure of positive addressing does lead Security for switching off the decoder of the respective User, but it takes a lot of effort, because to turn off one decoder messages to everyone else Decoder must be sent.

Der Erfindung liegt die Aufgabe zugrunde, ein Verfahren zur Erteilung und zum Entzug der Berechtigung zum Empfang von Rundfunksendungen vorzuschlagen, bei welchem die zur Entschlüsselung erforderlichen Informationen in einem bestimmten Decoder wertlos gemacht werden können, ohne daß alle anderen Decoder einzeln adressiert werden müssen.The invention has for its object a method for Granting and withdrawing authorization to receive To propose radio broadcasts, in which the to Decryption required information in one certain decoders can be made worthless without all other decoders must be addressed individually.

Diese Aufgabe wird erfindungsgemäß dadurch gelöst,According to the invention, this object is achieved by

  • - daß die Schlüssel aller betroffenen Decoder eine Baumstruktur bilden, deren Wurzel ein Systemschlüssel zugeordnet ist, der zur Entschlüsselung eines mit der jeweiligen Rundfunksendung empfangenen Kontrollwortes dient,- That the keys of all affected decoders one Form tree structure, the root of which is a system key assigned to decrypt one with the respective radio broadcast received control word serves
  • - daß den der Wurzel und den einzelnen Knoten nachfolgenden Knoten Schlüssel zugeordnet sind,- That following the root and the individual nodes Nodes are assigned to keys
  • - daß den Blättern dieses Baumes feste Schlüssel zugeordnet sind, die eindeutig einem Decoder oder einem Teil eines Decoders (z. B. einer Chipkarte) zugeordnet sind,- That the leaves of this tree assigned fixed keys that are clearly a decoder or part of a Decoders (e.g. a chip card) are assigned,
  • - daß die Schlüssel, die jeweils einen Ast der Baumstruktur bilden, in jeweils einem Decoder gespeichert werden und- that the keys, each a branch of the tree structure form, are stored in a decoder and
  • - daß die in jeweils einem Decoder gespeicherten Schlüssel zur Entschlüsselung von empfangenen Kryptogrammen dienen, welche Änderungen der gespeicherten Schlüssel und des gespeicherten Systemsschlüssels bewirken,- That the keys stored in one decoder serve to decrypt received cryptograms, what changes to the saved keys and stored system key,
  • - daß diejenigen Schlüssel, die solchen Knoten zugeordnet sind, welche einem bestimmten Knoten unmittelbar nachfolgen, dazu dienen, Kryptogramme zu entschlüsseln, die einen Schlüssel enthalten, der dem bestimmten Knoten neu zugeordnet werden soll.- That those keys assigned to such nodes are what a particular node immediately follow, serve to decrypt cryptograms, which contain a key assigned to the particular node reallocated.

Bei 1.000.000 Decodern müßten bei dem bekannten Verfahren 999.999 Nachrichten übertragen werden, um einen der Decoder zu deaktivieren. Bei dem erfindungsgemäßen Verfahren mit beispielsweise einem 2-ären Baum der Tiefe 20 sind etwa nur 40 Nachrichten notwendig. With 1,000,000 decoders, the known method would have to transmit 999,999 messages in order to deactivate one of the decoders. In the method according to the invention, for example with a 2-ary tree of depth 20 , only about 40 messages are necessary.

Zur Verschlüsselung der Daten können bei dem erfindungsgemäßen Verfahren sowohl symmetrische als auch asymmetrische Verfahren angewendet werden.To encrypt the data, the inventive method both symmetrical as well asymmetrical methods can be applied.

Eine vorteilhafte Ausführungsform des erfindungsgemäßen Verfahrens besteht darin, daß die Baumstruktur m-regulär ist, wobei mtn gilt mit m = Zahl der einem Knoten oder der Wurzel nachfolgenden Knoten, t = Zahl der von Knoten gebildeten Ebenen und n = Zahl der Decoder. Dadurch ist eine einfache Zuordnung der Kryptogramme, welche Änderungen der gespeicherten Schlüssel bewirken, möglich.An advantageous embodiment of the method according to the invention is that the tree structure is m-regular, where m t n applies with m = number of nodes following a node or the root, t = number of levels formed by nodes and n = number of decoders. This makes it easy to assign the cryptograms that change the stored keys.

Zum Entzug der Berechtigung eines bestimmten Decoders kann bei dem erfindungsgemäßen Verfahren vorgesehen sein, daßYou can withdraw the authorization of a specific decoder be provided in the inventive method that

  • - für jeden Decoder außer dem bestimmten Decoder, der zusammen mit dem bestimmten Decoder demselben Knoten nachfolgt, ein Kryptogramm gesendet wird das den mit dem festen Schlüssel des Decoders verschlüsselten Schlüssel enthält, der dem gemeinsamen Knoten neu zugeordnet wird,- for each decoder except the particular decoder that together with the particular decoder the same node follows, a cryptogram is sent to the one with the fixed key of the decoder encrypted key contains that is reassigned to the common node,
  • - beginnend mit dem Knoten, der dem gemeinsamen Knoten vorausgeht, bis zur Wurzel für jeweils alle nachfolgenden Knoten aller dem bestimmten Decoder mittelbar vorausgehenden Knoten jeweils ein Kryptogramm gesendet wird, das den mit dem Schlüssel des jeweils nachfolgenden Knotens verschlüsselten Schlüssel enthält, der dem dem bestimmten Decoder mittelbar vorausgehenden Knoten neu zugeordnet wird.- starting with the node that is the common node precedes to the root for all subsequent ones Nodes all indirectly to the particular decoder previous nodes each sent a cryptogram the one with the key of the following one Node's encrypted key, which contains the certain decoders indirectly preceding nodes is assigned.

Ein vorteilhafter Decoder zur Durchführung des Verfahrens nach einem der vorhergehenden Ansprüche ist dadurch gekennzeichnet, daß mehrere Schlüssel speicherbar sind, wobei mindestens ein Teil der Schlüssel durch mit den Rundfunksendungen empfangene Kryptogramme, die mit Hilfe eines der gespeicherten Schlüssel entschlüsselbar sind, veränderbar sind.An advantageous decoder for performing the method according to one of the preceding claims characterized in that several keys can be stored, whereby at least part of the key is passed through with the Broadcasts received cryptograms using one of the stored keys can be decrypted, are changeable.

Ein Ausführungsbeispiel der Erfindung ist in der Zeichnung anhand mehrerer Figuren dargestellt und in der nachfolgenden Beschreibung näher erläutert. Es zeigt:An embodiment of the invention is in the drawing represented with several figures and in the following Description explained in more detail. It shows:

Fig. 1 eine schematische Darstellung der eine Baumstruktur bildenden Knoten, denen jeweils ein Schlüssel zugeordnet ist, wobei die Zahl der Decoder gegenüber der Wirklichkeit stark verringert ist, und Fig. 1 is a schematic representation of the nodes forming a tree structure, each of which is assigned a key, the number of decoders being greatly reduced compared to reality, and

Fig. 2 eine Abfolge von auszusendenden Nachrichten zum Entzug der Berechtigung eines bestimmten Decoders. Fig. 2 shows a sequence of messages to be sent to withdraw the authorization of a particular decoder.

Fig. 1 zeigt als Beispiel einen 3-ären Baum der Tiefe 2 mit Schlüsseln, welche den Knoten des Baums zugeordnet sind. Die Schlüssel K(2,i) sind fest jeweils einem Decoder Di bzw. einer Chipkarte zugeordnet. In dem dargestellten Beispiel gilt i=1, . . . , 9. Der Wurzel des Baums ist der Systemschlüssel SK=K(0,1) zugeordnet, während den m Nachfolgeknoten desjenigen Knoten, dem der Schlüssel K(r,s) zugeordnet ist, die Schlüssel K(r+1, ms-1+1), . . . K(r+1, ms-1+m) zugeordnet sind. Fig. 1 shows an example of a 3-ary tree of depth 2 with keys, which are assigned to the nodes of the tree. The keys K (2, i) are permanently assigned to a decoder Di or a chip card. In the example shown, i = 1,. . . , 9. The root of the tree is assigned the system key SK = K (0,1), while the m successor nodes of the node to which the key K (r, s) is assigned the keys K (r + 1, m s- 1 +1),. . . K (r + 1, m s-1 + m) are assigned.

Einem Decoder mit dem Schlüssel K(m, x) - beim in Fig. 1 dargestellten Beispiel K(2,i) - kann die Berechtigung, ein gebührenpflichtiges Rundfunkprogramm zu empfangen, dadurch erteilt werden, daß ihm gültige Schlüssel auf dem Weg innerhalb des Baums von K(m,x) nach K(0,1) mitgeteilt werden. Dazu sind maximal t-1 Nachrichten mit den Kryptogrammen der jeweils nächst höheren Schlüssel notwendig. Einem Decoder mit dem Schlüssel K(m,x) kann die Berechtigung, ein gebührenpflichtiges Rundfunkprogramm zu empfangen, dadurch entzogen werden, daß man alle Schlüssel auf dem Weg von K(m,x) nach K(0,1) ersetzt. Dazu sind maximal t·m Nachrichten mit den Kryptogrammen der neuen Schlüssel erforderlich. Die Schlüssel, die zur Erteilung oder zum Entzug der Berechtigung ausgetauscht werden müssen, können bei Verwendung einer regulären Baumstruktur leicht berechnet werden.A decoder with the key K (m, x) - in the example K (2, i) shown in FIG. 1 - can be granted the authorization to receive a radio program that is subject to a fee by having valid keys on its way within the tree from K (m, x) to K (0.1). This requires a maximum of t-1 messages with the cryptograms of the next higher key. A decoder with the key K (m, x) can be withdrawn from the authorization to receive a broadcast program subject to a fee by replacing all keys on the way from K (m, x) to K (0,1). This requires a maximum of t · m messages with the cryptograms of the new keys. The keys that need to be exchanged to grant or withdraw authorization can easily be calculated using a regular tree structure.

Fig. 2 zeigt eine Folge von Nachrichten, um den Decoder D9 mit Hilfe der in Fig. 1 beschriebenen Baumstruktur der Schlüssel zu deaktivieren. Jede Nachricht kann über einen Rundfunkkanal ausgestrahlt werden. Sie besitzt eine Adresse und eine Nutzlast, die in Fig. 2 durch einen senkrechten Strich getrennt sind. Mit Hilfe der Adresse erkennt jeder Decoder, ob eine bestimmte empfangene Nachricht von ihm verarbeitet werden muß. Die Nutzlast enthält ein Kryptogramm, das nur von den adressierten Decodern ausgewertet werden kann. Dabei bedeutet die Notation A<B<, daß die Information B mit dem Schlüssel A verschlüsselt wurde. Der Algorithmus zur Entschlüsselung ist im Decoder bekannt. FIG. 2 shows a sequence of messages in order to deactivate the decoder D9 using the tree structure of the keys described in FIG. 1. Each message can be broadcast on a broadcast channel. It has an address and a payload, which are separated by a vertical line in FIG. 2. With the help of the address, each decoder recognizes whether it needs to process a specific received message. The payload contains a cryptogram that can only be evaluated by the addressed decoders. The notation A <B <means that the information B has been encrypted with the key A. The decoding algorithm is known in the decoder.

Zeile a der Fig. 2 zeigt eine Nachricht an den Decoder D7, mit welchem dieser einen neuen Schlüssel K(1,3) neu erhält. Der Decoder D8 erhält ebenfalls den gleichen neuen Schlüssel, der jedoch in diesem Fall über den Schlüssel K(2,8) entschlüsselt wird (Zeile b). In der Nachricht gemäß Zeile c wird eine Adresse angegeben, die den Decodern D1 bis D3 gemeinsam ist und in Fig. 2 mit Gruppe 1 bezeichnet ist. Diese haben gemeinsam den Schlüssel K(1,1), der zur Entschlüsselung des neuen Systemschlüssels SKneu dient. In gleicher Weise wird dann für die Gruppe 2 (Decoder D4 bis D6) und für die Gruppe 3 (Decoder D7 bis D9) der neue Systemschlüssel SKneu übertragen (Zeilen d und e). Dabei ist allerdings der Decoder D9 nicht in der Lage, das Kryptogramm K(1,3) neu <SKneu< zu entschlüsseln. Der Decoder D9 erhält somit keine neuen Systemschlüssel SKneu und kann die darauf folgend übertragenen Nutzsignale nicht mehr decodieren.Line a of Fig. 2 shows a message to the decoder D7, with which it receives a new key K (1,3) new. The decoder D8 also receives the same new key, but in this case it is decrypted using the key K (2.8) (line b). In the message according to line c an address is given which is common to the decoders D1 to D3 and which is designated with group 1 in FIG. 2. These have in common the key K (1,1), which is used to decrypt the new system key SKneu. The new system key SKneu is then transmitted in the same way for group 2 (decoders D4 to D6) and for group 3 (decoders D7 to D9) (lines d and e). However, the decoder D9 is not able to decrypt the cryptogram K (1,3) new <SKnew <. The decoder D9 thus does not receive any new SKneu system keys and can no longer decode the useful signals transmitted subsequently.

Claims (4)

1. Verfahren zur Erteilung und zum Entzug der Berechtigung zum Empfang von Rundfunksendungen, die durch Verschlüsselung geschützt sind, mit einem Decoder, dadurch gekennzeichnet,
  • - daß die Schlüssel aller betroffenen Decoder eine Baumstruktur bilden, deren Wurzel ein Systemschlüssel zugeordnet ist, der zur Entschlüsselung eines mit der jeweiligen Rundfunksendung empfangenen Kontrollwortes dient,
  • - daß den der Wurzel und den einzelnen Knoten nachfolgenden Knoten Schlüssel zugeordnet sind,
  • - daß den Blättern dieses Baumes feste Schlüssel zugeordnet sind, die eindeutig einem Decoder oder einem Teil eines Decoders (z. B. einer Chipkarte) zugeordnet sind,
  • - daß die Schlüssel, die jeweils einen Ast der Baumstruktur bilden, in jeweils einem Decoder gespeichert werden und
  • - daß die in jeweils einem Decoder gespeicherten Schlüssel zur Entschlüsselung von empfangenen Kryptogrammen dienen, welche Änderungen der gespeicherten Schlüssel und des gespeicherten Systemschlüssels bewirken,
  • - daß diejenigen Schlüssel, die solchen Knoten zugeordnet sind, welche einem bestimmten Knoten unmittelbar nachfolgen, dazu dienen, Kryptogramme zu entschlüsseln, die einen Schlüssel enthalten, der dem bestimmten Knoten neu zugeordnet werden soll.
1. A method for granting and withdrawing authorization to receive radio broadcasts which are protected by encryption using a decoder, characterized in that
  • that the keys of all affected decoders form a tree structure, the root of which is assigned a system key which is used to decrypt a control word received with the respective broadcast,
  • that keys are assigned to the nodes following the root and the individual nodes,
  • that the leaves of this tree are assigned fixed keys which are clearly assigned to a decoder or part of a decoder (e.g. a chip card),
  • - That the keys, which each form a branch of the tree structure, are stored in a decoder and
  • that the keys stored in each decoder are used to decrypt received cryptograms, which change the stored keys and the stored system key,
  • - That those keys that are assigned to nodes that immediately follow a particular node are used to decrypt cryptograms that contain a key that is to be reassigned to the particular node.
2. Verfahren nach Anspruch 1, dadurch gekennzeichnet, daß die Baumstruktur m-regulär ist, wobei in mtn gilt mit m = Zahl der einem Knoten oder der Wurzel nachfolgenden Knoten, t = Zahl der von Knoten gebildeten Ebenen und n = Zahl der Decoder.2. The method according to claim 1, characterized in that the tree structure is m-regular, where in m t n with m = number of nodes following a node or the root, t = number of levels formed by nodes and n = number of Decoder. 3. Verfahren nach einem der Ansprüche 1 oder 2, dadurch gekennzeichnet, daß zum Entzug der Berechtigung eines bestimmten Decoders
  • - für jeden Decoder außer dem bestimmten Decoder, der zusammen mit dem bestimmten Decoder demselben Knoten nachfolgt, ein Kryptogramm gesendet wird, das den mit dem festen Schlüssel des Decoders verschlüsselten Schlüssel enthält, der dem gemeinsamen Knoten neu zugeordnet wird,
  • - beginnend mit dem Knoten, der dem gemeinsamen Knoten vorausgeht, bis zur Wurzel für jeweils alle nachfolgenden Knoten aller dem bestimmten Decoder mittelbar vorausgehenden Knoten jeweils ein Kryptogramm gesendet wird, das den mit dem Schlüssel des jeweils nachfolgenden Knotens verschlüsselten Schlüssel enthält, der dem dem bestimmten Decoder mittelbar vorausgehenden Knoten neu zugeordnet wird.
3. The method according to any one of claims 1 or 2, characterized in that to withdraw the authorization of a particular decoder
  • a cryptogram is sent for each decoder apart from the particular decoder which follows the same node together with the particular decoder, which contains the key encrypted with the fixed key of the decoder which is reassigned to the common node,
  • - Starting with the node that precedes the common node, a cryptogram is sent to the root for all subsequent nodes of all nodes indirectly preceding the particular decoder, which contains the key encrypted with the key of the subsequent node that corresponds to the particular one Decoder is indirectly reassigned to previous nodes.
4. Decoder zur Durchführung des Verfahrens nach einem der vorhergehenden Ansprüche, dadurch gekennzeichnet, daß mehrere Schlüssel speicherbar sind, wobei mindestens ein Teil der Schlüssel durch mit den Rundfunksendungen empfangene Kryptogramme, die mit Hilfe eines der gespeicherten Schlüssel entschlüsselbar sind, veränderbar sind.4. Decoder for performing the method according to one of the preceding claims, characterized in that several keys can be stored, at least one Part of the keys through with the broadcasts received cryptograms, which are created using one of the stored keys are decryptable, changeable are.
DE1995111298 1995-03-28 1995-03-28 Procedure for issuing and revoking the authorization to receive broadcasts and decoders Expired - Lifetime DE19511298B4 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
DE1995111298 DE19511298B4 (en) 1995-03-28 1995-03-28 Procedure for issuing and revoking the authorization to receive broadcasts and decoders

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
DE1995111298 DE19511298B4 (en) 1995-03-28 1995-03-28 Procedure for issuing and revoking the authorization to receive broadcasts and decoders

Publications (2)

Publication Number Publication Date
DE19511298A1 true DE19511298A1 (en) 1996-10-02
DE19511298B4 DE19511298B4 (en) 2005-08-18

Family

ID=7757929

Family Applications (1)

Application Number Title Priority Date Filing Date
DE1995111298 Expired - Lifetime DE19511298B4 (en) 1995-03-28 1995-03-28 Procedure for issuing and revoking the authorization to receive broadcasts and decoders

Country Status (1)

Country Link
DE (1) DE19511298B4 (en)

Cited By (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE19630707A1 (en) * 1996-07-30 1998-02-05 Deutsche Telekom Ag Procedures and arrangements to avoid unauthorized use of distribution networks
DE19649292A1 (en) * 1996-11-28 1998-06-04 Deutsche Telekom Ag Access protection method for pay television
EP0987893A1 (en) * 1998-09-16 2000-03-22 CANAL+ Société Anonyme Management of data in a receiver/decoder
DE19847941A1 (en) * 1998-10-09 2000-04-13 Deutsche Telekom Ag Common cryptographic key establishment method for subscribers involves successively combining two known secret values into a new common value throughout using Diffie-Hellmann technique
WO2001008348A1 (en) * 1999-07-23 2001-02-01 British Telecommunications Public Limited Company Data distribution
DE10038068A1 (en) * 2000-08-04 2002-02-14 Deutsche Telekom Ag Process for the transmission of data
EP1185021A1 (en) * 2000-04-06 2002-03-06 Sony Corporation Information processing system and method
EP1185023A1 (en) * 2000-04-06 2002-03-06 Sony Corporation Information recording/reproducing apparatus and method
EP1185022A1 (en) * 2000-04-06 2002-03-06 Sony Corporation Information recording/reproducing apparatus and method
EP1187390A1 (en) * 2000-04-06 2002-03-13 Sony Corporation Information processing system and method
EP1206065A1 (en) * 2000-06-21 2002-05-15 Sony Corporation Information recording/reproducing apparatus and method
EP1215844A2 (en) * 2000-12-18 2002-06-19 Matsushita Electric Industrial Co., Ltd. Key management device/method/program, recording medium, reproducing device/method, recording device, and computer-readable, second recording medium storing the key management program for copyright protection
EP1221782A1 (en) * 2000-06-21 2002-07-10 Sony Corporation Information processing device and processing method
WO2003107588A1 (en) * 2002-06-17 2003-12-24 Koninklijke Philips Electronics N.V. System for authentication between devices using group certificates
EP1176757A3 (en) * 2000-07-24 2004-10-20 Sony Corporation System, method and apparatus for key distribution, license system, and program providing medium
EP1176755A3 (en) * 2000-07-24 2004-11-24 Sony Corporation Key distribution system, method and program providing medium
EP1575292A1 (en) * 2004-03-10 2005-09-14 Nagracard S.A. Method of securing a scrambled content sent by a broadcaster
DE102004042094B3 (en) * 2004-08-30 2005-09-22 RUHR-UNIVERSITäT BOCHUM Digital data transmission method such as for pay TV using a single use code
WO2007059807A1 (en) * 2005-11-22 2007-05-31 Nero Ag Apparatus and method for retrieving a decryption key, license server and media player
WO2008023036A1 (en) * 2006-08-23 2008-02-28 Thales System and method of decentralized management of a secure system delivering different services
US7362870B2 (en) 2001-04-19 2008-04-22 Sony Corporation Method and apparatus for recording/playing back information
JP2009118529A (en) * 2009-02-25 2009-05-28 Deutsche Telekom Ag Method of securely protecting system protected by key layer
US7599488B2 (en) 1998-01-02 2009-10-06 Cryptography Research, Inc. Differential power analysis
US7668310B2 (en) 1998-06-03 2010-02-23 Cryptography Research, Inc. Cryptographic computation using masking to prevent differential power analysis and other attacks
US7792287B2 (en) 1998-01-02 2010-09-07 Cryptography Research, Inc. Leak-resistant cryptographic payment smartcard
US7941666B2 (en) 1998-07-02 2011-05-10 Cryptography Research, Inc. Payment smart cards with hierarchical session key derivation providing security against differential power analysis and other attacks

Citations (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4309569A (en) * 1979-09-05 1982-01-05 The Board Of Trustees Of The Leland Stanford Junior University Method of providing digital signatures
DE3325858A1 (en) * 1982-07-23 1984-01-26 Oak Industries Inc., Rancho Bernardo, Calif. MULTI-LAYER ENCRYPTION SYSTEM FOR SENDING ENCRYPTED INFORMATION
EP0132401A2 (en) * 1983-07-21 1985-01-30 Kabushiki Kaisha Toshiba Information transmission system
DE3524472A1 (en) * 1984-07-09 1986-01-16 Kabushiki Kaisha Toshiba, Kawasaki, Kanagawa TRANSMITTER / RECEIVER FOR ENCRYPTED SIGNALS
US4661658A (en) * 1985-02-12 1987-04-28 International Business Machines Corporation Offline PIN validation with DES
DE3717022A1 (en) * 1987-05-21 1988-12-15 Thomson Brandt Gmbh DATA TRANSFER SYSTEM
DE3802612C1 (en) * 1988-01-29 1989-08-17 Prof. Dr. Bruckschen & Partner Gmbh, 4130 Moers, De System for charging for television programmes and the like
US4881264A (en) * 1987-07-30 1989-11-14 Merkle Ralph C Digital signature system and method based on a conventional encryption function
JPH0288859A (en) * 1988-09-26 1990-03-29 Hitachi Maxell Ltd Systematized control for entering or leaving room with ic card
DE3827172C2 (en) * 1987-08-13 1990-05-03 Peter 8000 Muenchen De Elsner
EP0287720B1 (en) * 1987-04-22 1992-01-08 International Business Machines Corporation Management of cryptographic keys
US5202921A (en) * 1991-04-01 1993-04-13 International Business Machines Corporation Method and apparatus for authenticating users of a communication system to each other
US5231666A (en) * 1992-04-20 1993-07-27 International Business Machines Corporation Cryptographic method for updating financial records
JPH05327748A (en) * 1992-05-27 1993-12-10 Fujitsu Ltd Multi-address communication system
FR2696567A1 (en) * 1992-10-02 1994-04-08 Gemplus Card Int Encryption and processing of signals from smart card - using value determined by traversal of tree determined by repeated processing of original data, as key
JPH06274398A (en) * 1993-03-24 1994-09-30 Toshiba Corp File control system

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
IL106796A (en) * 1993-08-25 1997-11-20 Algorithmic Res Ltd Broadcast encryption

Patent Citations (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4309569A (en) * 1979-09-05 1982-01-05 The Board Of Trustees Of The Leland Stanford Junior University Method of providing digital signatures
DE3325858A1 (en) * 1982-07-23 1984-01-26 Oak Industries Inc., Rancho Bernardo, Calif. MULTI-LAYER ENCRYPTION SYSTEM FOR SENDING ENCRYPTED INFORMATION
EP0132401A2 (en) * 1983-07-21 1985-01-30 Kabushiki Kaisha Toshiba Information transmission system
DE3524472A1 (en) * 1984-07-09 1986-01-16 Kabushiki Kaisha Toshiba, Kawasaki, Kanagawa TRANSMITTER / RECEIVER FOR ENCRYPTED SIGNALS
US4661658A (en) * 1985-02-12 1987-04-28 International Business Machines Corporation Offline PIN validation with DES
EP0287720B1 (en) * 1987-04-22 1992-01-08 International Business Machines Corporation Management of cryptographic keys
DE3717022A1 (en) * 1987-05-21 1988-12-15 Thomson Brandt Gmbh DATA TRANSFER SYSTEM
US4881264A (en) * 1987-07-30 1989-11-14 Merkle Ralph C Digital signature system and method based on a conventional encryption function
DE3827172C2 (en) * 1987-08-13 1990-05-03 Peter 8000 Muenchen De Elsner
DE3802612C1 (en) * 1988-01-29 1989-08-17 Prof. Dr. Bruckschen & Partner Gmbh, 4130 Moers, De System for charging for television programmes and the like
JPH0288859A (en) * 1988-09-26 1990-03-29 Hitachi Maxell Ltd Systematized control for entering or leaving room with ic card
US5202921A (en) * 1991-04-01 1993-04-13 International Business Machines Corporation Method and apparatus for authenticating users of a communication system to each other
US5231666A (en) * 1992-04-20 1993-07-27 International Business Machines Corporation Cryptographic method for updating financial records
JPH05327748A (en) * 1992-05-27 1993-12-10 Fujitsu Ltd Multi-address communication system
FR2696567A1 (en) * 1992-10-02 1994-04-08 Gemplus Card Int Encryption and processing of signals from smart card - using value determined by traversal of tree determined by repeated processing of original data, as key
JPH06274398A (en) * 1993-03-24 1994-09-30 Toshiba Corp File control system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
SANTOSH,CHOKHANI: Toward a National Public Key Infrastructure. In: IEEE Communications Magazine, Sept. 1994, S.70-74 *

Cited By (55)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE19630707A1 (en) * 1996-07-30 1998-02-05 Deutsche Telekom Ag Procedures and arrangements to avoid unauthorized use of distribution networks
DE19649292A1 (en) * 1996-11-28 1998-06-04 Deutsche Telekom Ag Access protection method for pay television
WO1999033270A1 (en) * 1996-11-28 1999-07-01 Deutsche Telekom Ag Method for securing a system protected by key hierarchy
US8879724B2 (en) 1998-01-02 2014-11-04 Rambus Inc. Differential power analysis—resistant cryptographic processing
US7792287B2 (en) 1998-01-02 2010-09-07 Cryptography Research, Inc. Leak-resistant cryptographic payment smartcard
US9419790B2 (en) 1998-01-02 2016-08-16 Cryptography Research, Inc. Differential power analysis—resistant cryptographic processing
US7599488B2 (en) 1998-01-02 2009-10-06 Cryptography Research, Inc. Differential power analysis
US7787620B2 (en) 1998-06-03 2010-08-31 Cryptography Research, Inc. Prevention of side channel attacks against block cipher implementations and other cryptographic systems
US7668310B2 (en) 1998-06-03 2010-02-23 Cryptography Research, Inc. Cryptographic computation using masking to prevent differential power analysis and other attacks
US7941666B2 (en) 1998-07-02 2011-05-10 Cryptography Research, Inc. Payment smart cards with hierarchical session key derivation providing security against differential power analysis and other attacks
US9852572B2 (en) 1998-07-02 2017-12-26 Cryptography Research, Inc. Cryptographic token with leak-resistant key derivation
EP0987893A1 (en) * 1998-09-16 2000-03-22 CANAL+ Société Anonyme Management of data in a receiver/decoder
US6857077B1 (en) 1998-09-16 2005-02-15 Thomson Licensing S. A. Management of data in a receiver/decoder
WO2000016554A1 (en) * 1998-09-16 2000-03-23 Canal+ Societe Anonyme Management of data in a receiver/decoder
AU757979B2 (en) * 1998-09-16 2003-03-13 Interdigital Ce Patent Holdings Management of data in a receiver/decoder
DE19847941A1 (en) * 1998-10-09 2000-04-13 Deutsche Telekom Ag Common cryptographic key establishment method for subscribers involves successively combining two known secret values into a new common value throughout using Diffie-Hellmann technique
US7606369B1 (en) 1998-10-09 2009-10-20 Deutsche Telekom Ag Process for establishing a common cryptographic key for N subscribers
US7212634B2 (en) 1999-07-23 2007-05-01 British Telecommunications Plc Data distribution
EP1075108A1 (en) * 1999-07-23 2001-02-07 BRITISH TELECOMMUNICATIONS public limited company Cryptographic data distribution
WO2001008348A1 (en) * 1999-07-23 2001-02-01 British Telecommunications Public Limited Company Data distribution
EP1185022A1 (en) * 2000-04-06 2002-03-06 Sony Corporation Information recording/reproducing apparatus and method
EP1185023A4 (en) * 2000-04-06 2006-10-18 Sony Corp Information recording/reproducing apparatus and method
EP1185021A1 (en) * 2000-04-06 2002-03-06 Sony Corporation Information processing system and method
US7443984B2 (en) 2000-04-06 2008-10-28 Sony Corporation Information processing system and method for distributing encrypted message data
EP1185023A1 (en) * 2000-04-06 2002-03-06 Sony Corporation Information recording/reproducing apparatus and method
EP1187390A1 (en) * 2000-04-06 2002-03-13 Sony Corporation Information processing system and method
EP1185021A4 (en) * 2000-04-06 2003-05-07 Sony Corp Information processing system and method
EP1187390A4 (en) * 2000-04-06 2003-05-07 Sony Corp Information processing system and method
US7225339B2 (en) 2000-04-06 2007-05-29 Sony Corporation Information recording/playback apparatus and method
EP1185022A4 (en) * 2000-04-06 2006-07-26 Sony Corp Information recording/reproducing apparatus and method
EP1221782A1 (en) * 2000-06-21 2002-07-10 Sony Corporation Information processing device and processing method
EP1206065A1 (en) * 2000-06-21 2002-05-15 Sony Corporation Information recording/reproducing apparatus and method
EP1416663A1 (en) * 2000-06-21 2004-05-06 Sony Corporation Information processing device and method
US7346169B2 (en) 2000-06-21 2008-03-18 Sony Corporation Information processing device and method
EP1206065A4 (en) * 2000-06-21 2006-10-18 Sony Corp Information recording/reproducing apparatus and method
EP1221782A4 (en) * 2000-06-21 2003-06-04 Sony Corp Information processing device and processing method
US7283633B2 (en) 2000-06-21 2007-10-16 Sony Corporation Information recording and/or reproducing method and information recording and/or reproducing device
US8098827B2 (en) 2000-07-24 2012-01-17 Sony Corporation Data processing system, data processing method, and program providing medium
EP1176755A3 (en) * 2000-07-24 2004-11-24 Sony Corporation Key distribution system, method and program providing medium
EP1176757A3 (en) * 2000-07-24 2004-10-20 Sony Corporation System, method and apparatus for key distribution, license system, and program providing medium
US7116785B2 (en) 2000-07-24 2006-10-03 Sony Corporation Data processing system, data processing method, and program providing medium
US7653939B2 (en) 2000-07-24 2010-01-26 Sony Corporation Data processing system, data processing method, data processing apparatus, license system, and program providing medium
DE10038068A1 (en) * 2000-08-04 2002-02-14 Deutsche Telekom Ag Process for the transmission of data
EP1215844A2 (en) * 2000-12-18 2002-06-19 Matsushita Electric Industrial Co., Ltd. Key management device/method/program, recording medium, reproducing device/method, recording device, and computer-readable, second recording medium storing the key management program for copyright protection
EP1215844A3 (en) * 2000-12-18 2003-10-22 Matsushita Electric Industrial Co., Ltd. Key management device/method/program, recording medium, reproducing device/method, recording device, and computer-readable, second recording medium storing the key management program for copyright protection
US7362870B2 (en) 2001-04-19 2008-04-22 Sony Corporation Method and apparatus for recording/playing back information
WO2003107588A1 (en) * 2002-06-17 2003-12-24 Koninklijke Philips Electronics N.V. System for authentication between devices using group certificates
CN100542270C (en) * 2004-03-10 2009-09-16 纳格拉卡德股份有限公司 The method of the safety of the encrypted content of protection broadcaster broadcasting
WO2005099264A1 (en) * 2004-03-10 2005-10-20 Nagracard S.A. Method for securing encrypted content broadcast by a broadcaster
EP1575292A1 (en) * 2004-03-10 2005-09-14 Nagracard S.A. Method of securing a scrambled content sent by a broadcaster
DE102004042094B3 (en) * 2004-08-30 2005-09-22 RUHR-UNIVERSITäT BOCHUM Digital data transmission method such as for pay TV using a single use code
WO2007059807A1 (en) * 2005-11-22 2007-05-31 Nero Ag Apparatus and method for retrieving a decryption key, license server and media player
FR2905217A1 (en) * 2006-08-23 2008-02-29 Thales Sa SYSTEM AND METHOD FOR DECENTRALIZED MANAGEMENT OF A SECURE SYSTEM DELIVERING DIFFERENT SERVICES
WO2008023036A1 (en) * 2006-08-23 2008-02-28 Thales System and method of decentralized management of a secure system delivering different services
JP2009118529A (en) * 2009-02-25 2009-05-28 Deutsche Telekom Ag Method of securely protecting system protected by key layer

Also Published As

Publication number Publication date
DE19511298B4 (en) 2005-08-18

Similar Documents

Publication Publication Date Title
DE19511298A1 (en) Method of allotting and withdrawing reception authorisation for chargeable reception
DE69902527T3 (en) ADJUSTMENT DEVICE BETWEEN A RECEIVER AND A SAFETY MODULE
DE69821159T2 (en) Authentication system and method, and authentication device and method
DE3014309C2 (en)
DE60103637T2 (en) SYSTEM AND METHOD FOR SAFE DATA TRANSMISSION
DE3124150C2 (en) Method for encrypting and transmitting information and decrypting the same
DE2226290A1 (en) PROCEDURE AND EQUIPMENT FOR DISPLAYING MULTIPLE DIFFERENT SECTIONS OF INFORMATION
EP0271748A2 (en) System for processing scrambled transmission information
DE69910786T2 (en) Methods of distributing keys to a number of secured devices, methods of communication between a number of secured devices, security system, and set of secured devices
DE3809795A1 (en) Information transmission system using IC cards
DE60002921T2 (en) INTERFACE AND DECODING DEVICE FOR A HOST SYSTEM
DE19750779C1 (en) Traitor tracing or unauthorised user identification method for proprietary data
DE60309507T2 (en) ADMINISTRATIVE ADMINISTRATIVE PROCEDURE FOR PRESENTATION OF EVENTS WITH CONDITIONAL ACCESS
DE102008010794B3 (en) Method for unmanipulable, tap-proof and non-hackable P2P communication in multi-subscriber networks
DE602004003346T2 (en) PAY TELEVISION, METHOD FOR REMOVING RIGHTS IN SUCH A SYSTEM, ASSOCIATED DECODER AND CHIP CARD, AND MESSAGE TRANSMITTED TO SUCH A DECODER
DE60225721T2 (en) PROCEDURE FOR ACCESS CONTROL OF SPECIFIC SERVICES BY A DISTRIBUTOR
EP0187973A2 (en) Method and circuit arrangement for the prevention of unauthorised reception of scrambled television signals
DE4420970A1 (en) Decryption device for decryption algorithms and method for performing the encryption and decryption thereof
WO2002013453A2 (en) Method for data transmission using a tree structure having associated keys
DD295477A5 (en) METHOD AND DEVICE FOR TRANSMITTING INFORMATION BY ELECTROMAGNETIC WAVES
DE10108872B4 (en) Method for enabling the decryption of transmitted information
EP1487141B1 (en) Preparation of key shares of a value encrypted by visual cryptography
EP1083749A2 (en) System and equipment for selective datatransmission over a broadcast system
DE60029134T2 (en) MANAGEMENT OF A SECRET KEY
DE10238615B4 (en) Method for writing cryptographic keys in signature cards

Legal Events

Date Code Title Description
OM8 Search report available as to paragraph 43 lit. 1 sentence 1 patent law
8110 Request for examination paragraph 44
8364 No opposition during term of opposition
R071 Expiry of right
R071 Expiry of right