CA1279924C - Cryptographic system using interchangeable key blocks and selectable key fragments - Google Patents

Cryptographic system using interchangeable key blocks and selectable key fragments

Info

Publication number
CA1279924C
CA1279924C CA000496509A CA496509A CA1279924C CA 1279924 C CA1279924 C CA 1279924C CA 000496509 A CA000496509 A CA 000496509A CA 496509 A CA496509 A CA 496509A CA 1279924 C CA1279924 C CA 1279924C
Authority
CA
Canada
Prior art keywords
key
information
node
fragment
fragments
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
CA000496509A
Other languages
French (fr)
Inventor
Donald R. Horne
John M. Jeffers
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Arris Technology Inc
Original Assignee
General Instrument Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by General Instrument Corp filed Critical General Instrument Corp
Priority to CA000615864A priority Critical patent/CA1315388C/en
Application granted granted Critical
Publication of CA1279924C publication Critical patent/CA1279924C/en
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00Television systems
    • H04N7/16Analogue secrecy systems; Analogue subscription systems
    • H04N7/167Systems rendering the television signal unintelligible and subsequently intelligible
    • H04N7/1675Providing digital key or authorisation information for generation or regeneration of the scrambling sequence
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891Revocation or update of secret information, e.g. encryption key update or rekeying
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/23Processing of content or additional data; Elementary server operations; Server middleware
    • H04N21/238Interfacing the downstream path of the transmission network, e.g. adapting the transmission rate of a video stream to network bandwidth; Processing of multiplex streams
    • H04N21/2389Multiplex stream processing, e.g. multiplex stream encrypting
    • H04N21/23895Multiplex stream processing, e.g. multiplex stream encrypting involving multiplex stream encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/266Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
    • H04N21/26613Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing keys in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/60Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client 
    • H04N21/63Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
    • H04N21/633Control signals issued by server directed to the network components or client
    • H04N21/6332Control signals issued by server directed to the network components or client directed to client
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60Digital content management, e.g. content distribution
    • H04L2209/601Broadcast encryption

Abstract

JOHN M. JEFFERS
DONALD R. HORNE
CRYPTOGRAPHIC SYSTEM USING
INTERCHANGEABLE KEY BLOCKS
AND SELECTABLE KEY FRAGMENTS

ABSTRACT OF THE DISCLOSURE

A cryptographic system is used for the secure transmission of digitized signals to a plurality of receivers. At the transmission end, a key consisting of two blocks, each including a plurality of key fragments, is generated, For each transmission session, different sets of key fragments may be periodically selected from one of the key blocks and used to encrypt the signals.
Data indicative of the set selection is generated.
The key is distributed to each receiver. The set selection data is transmitted to all receivers along with the encrypted signals and used to construct the key fragment set for decryption of the transmitted signals. During the transmission session, the other key block may be varied to form a replacement key which is distributed to each receiver. At the end of the session, the functions of the key blocks are interchanged in all receivers at one time by selecting a set in the varied key block for use in encryption and decryption.

Description

~7~

INTERCHANGEABLE KEY BLOCKS
AND SELECTABLE KEY FRAGMENTS

The presen~ invention relates to cryptographic systems and, more particularly, to a cryptographic system for use in a signal distribution system such as a direct broadcast satellite communication network which utilizes periodically rearrangeable key fragments for increased agility and interchangeable key blocks to facilitate the distribution of replacement keys.

{~

The availability of small, low-cost television receive-only terminals In recent years has resulted in an increasing demand for direct broadcast satellite services. Such S services include Pay TV, tele-conferenclng, tele-seminar, private broadcas~ networks, and the likeO
Unlike land lines and terrestrial microwave links, satellite transmissions lack privacy. Such transmissions can be received by any TV receive-only terminal whose antenna is situated to rece~ve the satellite signals.
Accordingly, the secure transmission of video and audio programming and data slgnals is required ~o provide the privacy essential to many appllcations.
A s~mple example of a direct broadcast satellite network in which security is required is one which broadcasts television signals to paying subscribers. Since any receiver having an antenna in the broadcast signal area can receive the satellite signals, it is necessary that the signals be encoded in a way which can be decoded only by subscribers' receivers.
Certain subscribers may have paid for certain programs or program groups, whereas others may have paid for other programs or program groups.
The signals must then be further encoded such 3~

~.~ 79 ~ ~

that subscribers who have pald for particular programs or groups of programs can receive same, while other subscribers cannot.
In the direct b~oadcast sate11ite service in which the cryptographic system of the present invention is used~ the video signals are processed and transmitted in analog form. Audio s19nals are digitized and transmitted in dig~tal data form. Addressable control data is organized into packets according to address and transmitted ~n the same digital form as the audio slgnals. All of the signals are combined in baseband using time-div~sion-mul~iplex techniques. The combined baseband signal is then transmitted over the satellite link to subscriberâ' recelvers using FM
modulation.
In general, the transmission end equipment consists of a program processing un~t and a real time controller. The program processing unit per~orms video signal processing and scrambling~ audio digitization, encryption of the aud~o data, and baseband slgnals time mult~plex~ng. The real t~me controller 25 generates the audio cryptographic keys, encrypts the addressable control messages, generates the packet messages ~n accordance with the transm~ssion protocol, maintains the user data base and communlcates with other processing un~ts.

~ V~,7~3~3.~

The receiving end equipment includes an addressable controller-decoder designed for use with a receiver which has the necessary interface for interaction with the decoder. The address-able controller-decoder demultiplexes the baseband signal, controls the receiver, descrambles the video signal, decrypts the audio data, and converts the audio data into analog form.
The baseband signal utilizes a composite video signal for-mat which includes active video portions and horizontal blanking interval portions. The two audio channels and control data channel occupy a portion of the time normally allotted to the horizontal blanking interval. The video frame synchronization information and the zero level reference are transmitted during the vertical blank-ing interval. The audio data and the control data ar,e transmitted in a burst, synchronous mode. The data is non-returnable to zero binary encoded.
A two-level video scrambling screen is used. The first level is achieved by removing the line and frame synchronization pulses completely from the video signal. A unique sync word is transmitted in the vertical blanking interval for synchronization purposes. The addressable controller-decoder establishes synchron-ization by searching and locating the sync word. Once the sync word is located, all the sync pulses are reconstructed with refer-ence to the sync word. This technique is used in conjunction with vîdeo signal inversion, whlch is the second security level. The sequence of video lnversion is controlled by a binary bit stream at the transmitting end. The same bit stream is used to recover the inverted signal at the receiving end.

7~

Unllke vldeo scrambllng, a highly secure audlo encryptlon system can be achieved relatively inexpensively. The decryption circuit, being totally digital, can be implemented uslng semi-custom or custom integrated circuits.
The system uses an encryption scheme in which the clear audio blt stream is combined wlth the bit stream generated by a stream cipher using an exclusive OR operation. The receiving end decrypts the audio bit stream using the same stream cipher bit stream. The stream cipher bit stream is generated by a set of key fragments selected from the current key block of a double length common audio key and an initializing vector. The algorithm for generating the ~it ~tream i~ secret. The entire common audio ~ey is dlstrlbuted to each receiver in encrypted form thrdugh the control data channel. One k~y block of the key is designated as the current key block and used ~or the duration o~ the communication se~sion. The inltializing vector i~ used for the duration of each video frame and i~ transmitted in the clear form ln the horizontal blanking interval. Extremely low error rate for the initiallzing vector i8 achieved by transm~tting each bit many tlmes.
~0 The addre~sa~le control data is organlzed into data blocks of 128 bits each. This channel carrie~ much sensltive information in encrypted form ~uch a~ audio decryption key information and authorization tier levels. The sy~tem is deslgned to prevent an eavesdropper from receiving the correct information and to prevent a legitimate recelver from receiving more lnformation than i~
authorized. In part, ~his i achleved by encryptlng the common 79~3;~

audio key differently for each receiver. In thls way, even in the unlikely event that an encrypted key is compromised, damage is limited because each encrypted key is useable only on'a single ..

,:.

1~ 4 receiver. E'urther, security is obtained because the key fragments in use can be rearranged periodically and new keys can be distri-buted and used for each transmission session.
The common audio key is encrypted for each receiver using a secret block cipher based on a unique key. The key has 64 bits which are assembled from 128 bits of stored information.
When compared with the conventional Data Encryption Standard algorithm, the present block cipher has a larger block and a longer key. Accordingly, brute force attacks on the cipher will take considerably more effort.
The present invention relates to two improvements in a basic cryptographic system. The first improvement relates to the use of periodically rearrangeable key fragments for improved agility.
It is desirable, for security purposes, to be able to conveniently and rapidly alter the keys in the cryptographic system. Key alterations create a moving target which makes it more difficult to de~eat the system, as compared to a static system.
This aspect of the present invention involves a crypto-graphic system in which selected fragments of the keys which are provided to the receivers are arranged and used for decryption at a given time. Periodically, the key fragment selection and order may be altered. For purposes of this application, the term , . ,~
`;`~

~'7~

"fragment~ts used to denote any part or pOLtiOn~ such as a byte or set of blts, of the digital key information from whlch the actual key needed for decryption is constructed.
Each subscriber receiver unit utilizes two different key fragment sets in the decry~tion oE the broadcast signals. One set of key fragments is selected from a common audio key distributed in encrypted form This set of fragments is used to decrypt the broad-cast signal. The other set of fragments is selected from a key stored in the memory of the receiver. The stored key is different for each receiver and pre-loaded in the receiver memory at the factory. The fragments from the stored key are used to decrypt the common audio key. Fragment set selection data ls transmltted to the receiver units to define the selection and order of fragments of each key to be used to construct the actual decryption keys.
With this system, the actual decryption keys can be altered without distributing new keys. Instead, di~ferent key fragments are periodically selected and/or rearranged to form sets which are the new actual decrypting key~. As u~ed herein, the term "set" means any ordered group of ona or more key fragments. Different arrangements of the same fragments are considered different sets.

~ ~'7 - ~
.
A second aspect of the present invention relates to the manner in which new or replacement keys are distributed. The common audio key is "individual1zed" for each receiver by encrypting it using the unique key stored in the particular receiverO Thus~
a differently encrypted common audio key must be distributed to each receiver separately.
The ke~y is distributed periodically~ preferably at least once during each transmission session, and retained in a memory in each receiver unit.
Since the network is designed ~o service m~llions of subscribers, the distribution time for a new common audio key would be several hours.
A relatively long distribution time creates an operational problem because~ during changeover, a large number of receiver units having the new key will be unable to process program ~nformation encrypted ~ith the old key.
The present invention overcomes this problem through the use of a common audio key of double length, that is, with two blocks or sections, each containing enough key fragments for construction of a key fragment set for decryption. Only one key block, the current key block, is designated for use in decrypting during a particular transm~ssion session. The ~ ~'7~ 9~ ~

/~
. ~

other key block, the var1able key block, is not used for encrypting or decrypting during the transmlssion session, but is instead varied, The encrypted new audio keys "~ h the varled key S block, are distributed to and stored ln all receivers during the transmission session. The new key replaces the old key in each subscriber unit. The replacement key has a block which is identical to the current block of the old key.
Since the current key block of the old current key and the corresponding key block of the replacement key are identical, no discontinulty of operation occurs as the new key replaces the current key.
Upon command in the form of updated key fragment set select10n data, which ~s simultaneously distributed to all recelvers at the end of the transmisslon sesslon, the functions of the key blocks are interchanged and all receiver units switch over to use the varied key block of the replacement key for decrypting at the same time. Simultaneously, the circult encryptin~ the broadcast signals switches over to the varied key block, Thus, although the distribution o~ the replacement key still requires several hours, all subscr1ber units are switched over to the new key at the same time.

'79'3~

, It is, therefore, a prime object of the present invention to provide a crypto-graphic system for use in a direct broadcast satellite network wherein a periodically rearrangeable selection of key fragments is used to enhance cryptographic agility.
It is another objeck of the present i.nvention to provide a cryptographic system ~or use in a direct broadcast satellite network in which subscriber receiver units can all be switched over to a new, previously distributed, key at the same time, It is another object of the present invention to provide a cryptographic sy`-stem for use in a direct broadcast satellite network wherein selected sets of key fragments are used ~o construct the actual decrypkion keys.
I~ is another object of the present invention ko provide a cryptographic system for use in a direct broadcast satellite network wherein the broadcast signal contains information which each receiver unit utillzes to select and arrange key fragments for use in decryption of the broadcast signals.
It is another object of the present invent~on to provide a cryptographic system for use in a direct broadcast satellite network 3~

which employs dual key blocks~ one of whlch is utilized in current decryption, while the other is varied.
It is another objec~ of the presen~
S invention to provide a cryptographic system for use in a direct broadcast satellite network which employs dual key blocks and in which all receiver units are switched from the one key block to the other key block at the same time.
It is another object of the present inven~ion to provide a cryptograph~c system for use in a direct broadcast satellite network which employs dual key blocks for rapid key changeover and a changeable selection of key fragment sets for increased agility.
It is another ob~ect of the present invention to provide a cryptographic system for use in a direct broadcast satellite network for the reliable secure transmission of audio and control signals.
In accordance with one aspect of the present ~nvention, a cryptographic system is provided for the secure transmission of information between first and second nodes.
The system comprises, at the first node, means for generating a key comprising more than one key fragment. Means are provided for selecting 9~3~

one or more of the key fragments to form a key fragment set Means are provided for generating data indicative of the selected key fragment set. Means are provided for encrypting the information to be transmitted u~ing the selected key fragment set.
The encrypted information, key information, and select data are transferred from the first node to the second node. At the second node, means are provided for obtaining the selected key fragment set from the transferred key information in accordance with the transferred select data and for decrypting the encrypted information using the obtained key fragment set.
In accordance with another aspec~ of the present invention, a receiver is provided for use with a signal broadcast system. The broadcast signal includes information encrypted with a set of key fragments selected from a plurality of key fragments, encryption key information, and set selection data. The receiver comprises means for receiving the encrypted information, key information, set select data, means for obtaining a key fragment set from the key information in accordance with the select data, and means for decrypting the encrypted information using the obtained key fragment set.
~ n accordance with another broad aspect of the invention there is provided a cryptographic method for the secure transmission of information between first and second nodes comprising the steps of, at the ~irst node, generating a key comprising more than one key fragment, selecting one or more of the key fragments to form a set generating data indlcative o~ the selected key ~ragment set, encrypting the information to be ~,7~9'~4 14 60713-~7 transmitted using khe selected key fragment set, transferring the encrypted information, key information, and data from the first node to the second node and, at the second node, obtaining the selected key fragment set from the transferred key information in accordance with the transferred data and decrypting the encrypted information using the obtained key fragment set.
The system further comprises meansr at the -first node, for encrypting the key to provide the key information and means, at the second node, for decrypting the key information. The key encryption means comprises means for generating a second key comprising more than one key fragment and means for selecting one or more of the second key fragments to form a second key fragment set. Means are provided for generating second data indicative of the second selected key fxagment set. Means are provided for transferring the second select data from the first node to the second node.
The key decryption means comprises means for storlng the second key. Means are provided for obtaining the selected key fragment set from the stored second key using the ~.
,, ~

~L~'7~3 ;~B

second select data. ~eans are provided for decrypting the encrypted key usîng the obtained second key fragment set.
The means for generating the second S key preferably comprises means for storing a third key and means for storing a number associated with the second node. Means are prov;ded for encrypting the number w;th the third key to obtain the second key.
The system is designed for transmiss;on of information from a first node to a plurality of second nodesa Each of the second nodes has a un;que number associated with it. The system further comprises, at the first node, means for lS storing each of the un;que numbers and for using a different one of the unique numbers tn generate each of a plurality of second keys.
Each of the second keys is usable only by the second node whose unique number was used to generate it.
The second key storage means at each second node stores a second key whlch is a function of the un~que number associated with the second node of which the stored means forms a part. The second key is loaded into the second key storing means at the factory.

~1~'799~4 /b !,`,~; The key fragment set selection means preferably comprises means for periodically selecting key fragments to form the selected key fragment set. The second key fragment selection means preferably comprises means for periodically selecting second key fragments to form the second selected key fragment set.
The selection of a key fragment SQt may take place relatively often and the select;on of a second key fragment set may take place less often~
To these and to such other objects which may hereinafter appear, the present invention relates to a cryptographic system for use in a d;rect broadcast satellite network~
as set forth in detail 1n the following spec;fication and recited in the annexed claims, taken together with the accompanying drawings, wherein like numerals refer to like parts, and in which:

Fig, 1 is a functional diagram of the encryption system at the transmission end of the network;
Fig. 2 ls a functional diagram of the decrypt~on system at each receiver term;nal in the present invention;

~ g~

Fig. 3 is a functional diagram of the encoding system utilized at the factory in order to set the receiver terminal mem-ories for decryption o~ the distributed signal; and Fig. 4 is a schematic representation o~ the composite video signal over which the encrypted signals, key information, and control information are transmitted.
The cryptographic system is described herein as designed for use in a pay television distribution network. However, the principles involved are applicable to other types of signal distribution systems where security is required. It employs three keys to provide security against unauthorized program viewing.
~ master factory key is arbitrarily chosen as a system constant. The master factory key is used in conjuction with an individual subscriber unit address to produce a second key, called a subscriber unit signature key, unique to each subscriber.
The common audio decryption key, is arbitrarily chosen to encrypt the audio signal at the transmission end. ~he common audio key is distributed to each authorized subscriber in individ-ualized form through the use of the second key.

~7~9~4 , The common audio key preferably includes two key blocks, each composed of 40 bits or five 8-bit bytes, for example. One key block is designated as the current key block.
A key fragment set of the five 8-bit bytes of the current block, arranged in a selected order (permuted common audio key) is used at a time for encryption and decryption. During the time when one key block is employed, the other key block may be varied. After the variatlon of the key block is completed, the new common audio key, containing the currently used key block and the varled key block is dlstributed to each subscriber unit to replace the old key, Upon command, the broadcast informatlon begins to be encrypted with a selected key fragment set from the var~ed key block and all subscrlber units are switched over to the key fragment set from the varied key block, at the same tlme.
This new fragment set is used to construct the new permuted key for use in decryption~
A 5-bit encryption key number or code is used to define the order of the bytes forming the key fragment set of the current key block, The encryption key number is transmitted to all receivers at the same time in the header portion of the control data stream, as .. ,.~`~ ~

described below. Each version of the common audio key is distributed in its entirety in encrypted form to each receiver individually in an addressab1e packet in the control data streamO
The following table illustrates the structure of a typical 80~bit common audio key divided into blocks of five 8 bit bytes each:

BIT REF TABLE I

~ _ _ , . . . ~
BYTE 10 BYTE-go .. . _ _ _ . ~__ _ l BYTE 11 BYTE ol . . . .- . ~_ . _ , . .

. .... . __ _ ,.,. ~

. ~ ~
~ BLOCK A ~ ~ BLOCK B

The follawing table defines the arrangement of the common audio key fragments From the current key block to form the various key ~ragment sets (permuted keys) in accordance with the encryption key number. "b" stands for the block (b ~ 1 stands for Block A, and b = O
stands for block B) and can be 1 or 0, d~pending upon which block is designated as the current block:

~7~39;~a~
~,o ~3 o o ~ c~J _ N ~ N _ ~ O ~ O ~ ~ _ ~ D .a .LI l~ .a D D 1:~ D D D 8 D 8 D
,,~
L-l I_ _ O ~) N O ~ O . O ~
1 0 t:15~ D .f:l D D D D D D ~ ~ ~ D D .Q
~t~ ~ _ C:~
, C~ LLJ ~ . O ~ . O C~J et ~ O ~ O ~ C~ _ -- Cc 8 ~ l D D D J:~ .Q D 8 8 D "Cl ~ 8 t:~:
1 5 ~Y ~ Z
, ~ . ~
L~l ~C~r 0~_O~r~ ~
~ . ~ ~ D D D .I:l 8 D D D .n ~ ~ D D ~ I_ ~ _ J
~ ~ ~
~I'd'~l'~C~lC~JC~I; _00 . ` i--~ D .a .n 1~ D 8 ~ D _O D D ~` D 8 ~ .

. _ _ o .~ ,_o,_o_o_o~o_o. ol c~
~_ Q ~ O . ~ O O r _ O O 1- _ O O _ _' O
O O O ~ O O O O r~ r~ r~ r O
0 0 0 0 0 0 0 . ~ r~ O
3~ ~.O.Q~8~a88~ ~

-The subscriber unit siqnature key stored in the receiver memory also con^tains more than one key fragment. Preferably, it contains seven 16-bit parts or fragments from which four 16-bit fragments are selected to construct a subscriber cryptographic key. Th~s key is employed in encryption and decryption of the common audio key.
A 3-bit slgnature type or code is used to define the selection and the arrangement of the 16-bit key fragments used to construct the subscriber cryptographic key. The signature type code is transferred to the subscriber unit through the broadcast signal by means of an addressable packet.
The following table defines the relationship between the 3~bit signature type code and the selection and order of the four 16-blt fragment sets selected from the seven 16-bi~ ~ragments of the subscriber unit signature key. The numbers 1 through 7 correspond, respectively, to the seven 16-bit fragments or signature numbers:

- - - ~
~.~'79~

.~
o _ _ ~ __ T _1 ~ ~ r~ C~l _ 1~ 10 10 10 ~o~l '::t ~ c~J _ ,~ ~D ~-1 li ~r~ ~r~

20 ~ '` ~D u7 ~ ~ ~ _ _ _ _ __ _ _ 25 ~ ,- o , o . o . o ~z c, l . o o ,_ _ o 30 m c~ o o , . ~ ~ o ~` ~

Each version of ~he common audio key is first encrypted using the subscriber crypto-graphic key for a specific receiver unit as the key for a unique block cipher alyorithm.
The resulting encrypted common audio keys are distributed to the spec;fic receiver unit by an addressed packet in an addressable data stream.
At the specific subscriber receiver unit, the received encrypted common audio key is decrypted using the unique block cipher algorithm and as a key, the subscrlber cryptographic key which is constructed from a fragment set selected in accordance with the received signature type code, from the factory pre-loaded subscriber unit signature key. The permuted key, constructed from the fragment se~
selected in accordance with the received encryption key number from the current block key block of the decrypted common audio key,is then used to decrypt the audio signal.
An encrypted common audio key is periodically transmitted to each receiver unit~
preferably at leask once every transmission session and is stored in a memory in the recelver until a new common audio key is received~ The block of the common audio key not being used ~'79~J'~ ~

for encrypt;on can be varied during the time it is not in use for encrypting and decrypting so as $o form a part of a new or replacement common audio key. The replacement key includes a current key block identical to that of the previous key and newly varied key blockO It is encrypted and distributed for storage by each receiver unit. A~ the end of a kransmission session, upon command, in the form of a new encryption key number indicating a set of fragments from the varied key block for use, all subscriber units switch from one block of the common audio key to the other. Thus, a replacement key can be installed without interruption of the operation of the system.
The integrity of the three key system depends on the effectiveness of the security measures employed to keep the master factory key safe from independent dlscovery or Z0 unauthorized use. In contrast to this, prior art systems of this type require that a unique key for each subscriber unit be protected at the transmission end. The present system provides comparable security, but eliminates the necessity for protecting a separate key for each subscriber unitO In the present system, only a single key, the master factory key, need be protected at the transmission end.

Since the direct broadcast satellite network ln which the cryp~ographic syst~m of the present invention is employed is designed to accommodate 2-3 mlllion different subscriber receiver units, the necessity of previous cryptographic systems for protecting the different key for each subscriber unit is quite burdensome, The three key cryptographic sys~em of the present invention eliminates this problem entirely as it requires only a single master factory key be protected, The use of selectable key fragment sets enhances system agility by permitting the key fragment arrangement to be changed rapidly.
The use of a common audio key consisting of two interchangeable key blocks, only one of which is used for decrypticn at a time, permits new keys to be distributed without interruption of the operation of the system.
As seen in Fig. 1, which depicts the functions at the transmission end of the system, the audio channel inputs AU~I0 1 and AUDI0 2 form the inputs to a delta modulator and multiplexer 10 of conventional design. The digitized output from modulator 10 is encrypted in an audio stream encryption circuit 12. The output of encryptlon circuit ~;~'7~3~3;~

12 is the encrypted audio signal which forms a portion of a data stream. The data stream, illustrated in Fig. 4, is inserted into the horizontal blanking intervals (HBI) of the composite television signal which is transmitted via sakellite from the transmission end to each of the subscriber receiver units.
The digitized audio signal is encrypted using a premuted key consisting of a selected key fragment set from a key block ~designated as the current key block) obtained from -the common audio key. Each common audio key is generated by a common audio key generation circuit 14. Each common audio key preferably consists of two key blocks ~block A and block B). Each block includes five 8-bit bytes. The five bytes from the current key block axe arranged in a key fragment set to construct'the permuted key for encryption. The set of fragments selected from the common audio key, which forms the permuted key, are selected in accordance with a 5-bit encryption key number. One of the bits of the encryp-tion key number defines the key block designated as the current key block. The remaining four bits define the arrangement of the five bytes of the current key block which form the permuted key. The ~0 bits of the encryption number defining the b~te arrangement may be changed at any time and are preferably changed periodically, such as at the end of each hour of broadcasting. The bit, ~hich defines the current key block can also be changed periodically, but usually less often, for example, at the end of each daily transmission session, after the non-designated key block has been varied and , 79~

replacement common audio keys encrypted and distributed to each receiver.
A fragment set from the current key block of the common audio key is selected to construct the permuted key for use in encrypting circuit 12 by an audio key fragment set select circuit 13. Circuit 13 is controlled by a 5-bit encryption key number obtained from generator lS.
The entire common audio key ~both blocks) is distributed in encrypted form to each individual subscriber unit prior to the beginning of a transmission session. The common audio key is encrypted differently for each unit~ Each of the encryp~ed common audio keys is placed in a different addressed portion of the data stream. These portions of $he data stream are addres~ed to and can be received only by the particular subscriber unit for which the encrypted common audio key i~ intended.
Each common audio key is formed by encryptlng through the use of a 64-bit key, càlled the "subscriber cryptographic key", which is constructed of a fragment set selected from a subscriber unit signature key. The subscriber unit signature key preferably consists of ~everal 16-bit fragments or signatures and is unique to a particular unit. The subscriber cryptographic key consists of four 16-bi~ fragments or signature~ selected rom the subscriber unit signature key in accordance with a 3-b~t signature type code.
Each distributed common audio key is formed by encrypting the common audio key using the subscriber cryptographic key in a block cipher 3~
-2~- 60713-372 algorithm circuit 16. The fragment set which forms the subscriber cryptographic key is selected in signature key fragment selection circuit 19 under the control of the signature type code from a signa~ure type code generator 21. The signature type code can be changed periodically to alter the subscriber cryptographic key. The signature type code is transferred to each receiver in a packet addressed to the receiver.

9~3 ~q Each unique subscriber unit signature key is a function of the subscriber unit address number for the receiver unit to wh1ch the portion of the data stream including the S encrypted common audio key is addressed. More specifically, each unique subscriber unit signature key is derived by encrypting the subscriber unit address number, stored in a memory 18, using the master factory key, stored in a master factory key memory 20, in an encryption circui~ 22 which employs the Data Encryption Standard algorithm.
During a particular transmission session, only the designated common audia key block is used for encrypting and decrypting.
The non-designated key block may be varied during this time by common audio key generator 14. Varylng the non-designated block will not effect the operat~on of the system. The varied key will be encrypted for each receiver un~t as described above and then distributed, After distribution, the transmlssîon session is ended and a new encryption key number is broadcast to all receivers simultaneously desi~nating the newly varied block for use in encryption and decryption. In this way~
distrlbution of replacement keys can take place 9~

~,, ~, over a period of hours, but the entire system switches to the replace key at the same time.
As shown in Fig. 2, which depicts the functions of the subscriber receiver units, the transmitted composite television signal is received and the encrypted audio signal is extracted from the data stream in the horizontal blanking intervals and forms an input to an audio stream decryption circuit 24.
The encrypted audio signal will be decrypted using the permuted key which is a selected fragment set from the current block of the common audio key. The common audio key is derived from the encrypted common audio key which is transmitted to the receiver.
The rece~ver monitors the data stream in the horizontal blanking inkervals until it detects the por~ion thereof with its unique address number. The encrypted common audio key for the particular subscriber unit is then obtained from the addressed portion. The encrypted common audio key is decrypted in a block cipher algorithm circuit 26 such ~hat common audio key blocks, block A and block B, are obtained in clear form. The key blocks are fed to a common audio key frayment set select circuit 27~ Circuit 27 receives '799~

the encryption key number captured ~rom ~he header portion of the data stream and uses same to select the appropriate key block and arrange the fragments thereof to construct the permuted key. The permuted key is then used in audio stream decryption circuit 24 to decrypt the audio stream.
A selec~ed ~ragment set of the subscriber unit signature key for the particular subscriber unit is util~zed to construct the subscriber cryptographic key for use in decryption of the common audio key in a block cipher algorithm circuit 26. The unique subscriber unit signature key for each subscriber unit is stored in a memory 28 within the unit at the factory~
Memory 28 is accessed and the subscriber unit signature key is entered into a signature key fragment set select circuit 29 which receives the signature type code cap~ured ~rom the addressed portion of the data stream, Circu~t 29 selects and arranges the appropriate fragments to construct the subscriber cryptographic key.

~ ~t7g9~

Fig. 3 schematically depicts the factory encoding system.
At the factory, the subscriber unit address is read from the subscriber unit address memory 1~ and stored in the subscriber unit address memory 32 in the receiver. The subscriber unit address is encrypted in the Data Encryption Standard algorithm circuit 22 using the master factory key from memory 20 and is then stored in the subscriber unit signature key memory 28 in the receiver. Later, ~hen signals are being transmitted, the master factory key from memory 20 is used in the Data Encryption Standard algorithm circuit 22 to generate the unique subscriber unit signature key for each subscriber unit, as described above.
Fig. 4 schematically represents the transmitted composite TV signal which comprises a plurality of active video'portions, sync protions, and horizontal blanking portions. The data is stream inserted into each horizontal blanking portion.
The data stream includes a run-in code for synchronization, an addressable data stream portion, and encrypted digitized audio signal.
The addressable data stream portion includes a header portion, containing information for addressing certain groups of receivers and certain program related information common to all receiving units in the addressed group, including the encryption key number. The addressable data stream portion also includes a plurality of addressed packets l...n, each containing the address number for a particular receivlng unit. The addressed packets also contain the encrypted common audio key and the signature type ~ ~7S~9~

code for the addressed receiver.
Each receiving unit captures encrypted audio inormation.
It locates a header with its group number and stores the encryption key number therefrom. It then searches for addressed packets with its address number. When the packets with its address number are located, the unit obtains the signature type code and encrypted common audio key therein and uses them, in conjunction with the unique subscriber unit signature key stored in the unit, to obtain the common audio key blocks. The encryption key number from the l~ header packet is then used to construct the permuted key.
Replacement common audio keys, with a varied key block, may be distributed and stored during the transmission session.
Since the current key block is the same in the old ke~ as it is in the replacement key, there is no discontinuity in operation as one key replaces the other. At the end of the transmission session, a new encryption key number is distributed to all receiving units at the same time in the header portion of the control data stream.
The new encryption key number contains a first blt designating the varied key block as the then current key block, that is, the function of the key blocks is interchanged and the varied key block is now used for encryption and decryption. Accordingly, all receiving units switch over to the replacement key at the same time.
It will now be appreciated that the present invention relates to improvements in a multiple key cryptographic system which employs a cryptographic key composed of interchangeable key blocks to permit replacement keys to be installed in the receiving units without interruption of operation. The key permits a 79~

varied key block to be distributed over a relatively long time while the current key block is still in use and, therea~ter, switchover by all receiving uni-ts, upon a gingle command, in a relatively short time, -to the replacement key. It also employs key fragments, the selection and arrangement of which can be changed periodically for increased agility. The use of changeable key fragment sets permits dynamic changes to occur periodically, enhancing the security of the system.

7~'3'~
- 35 - ~0713-372 While only a single preferred embodiment of the present invention has been disclosed herein for purposes of illustration, it is obvious that many variatlons and modifications could be made thereto. It is intended to cover all of these variations and modifications which fall within the scope of the present inven-tion, as defined by the following claims:

Claims (22)

The embodiments of the invention in which an exclusive property or privilege is claimed are defined as follows:-
1. A cryptographic system for the secure transmission of information between first and second nodes, comprising, at the first node:
means for generating a key comprising more than one key fragment; means for selecting a set of one or more of the key fragments; means for generating data indicative of the selected key fragment set; means for encrypting the information using the selected key fragment set; means for transferring the encrypted information, key information, and select data from the first node to the second node; and at the second node: means for obtaining the selected key fragment set from the transferred key information in accordance with the transferred select data; and means for decrypting the encrypted information using the obtained key fragment set.
2. The system of Claim 1, further comprising means, at the first node, for encrypting the key to provide the key information and means, at the second node, for decrypting the key information.
3. The system of Claim 2, wherein said key encryption means comprises means for generating a second key comprising more than one second key fragment; means for selecting a set of one or more of the second key fragments; means for generating second data indicative of the set of second key fragments selected; means for transferring the second data from the first node to the second node.
4. The system of Claim 3, wherein said key decryption means comprises means for storing the second key, means for obtaining the selected second key fragment set from the stored second key using the second data and means for decrypting the encrypted key using the obtained second key fragment set.
5. The system of Claim 3, wherein said means for generating the second key comprises means for storing a third key, means for storing a number associated with the second node, and means for encrypting the number with the third key ot obtain the second key.
6. The system of Claim 5, for transmission of information from a first node to a plurality of second nodes, wherein each of the second nodes has a unique number associated with it and further comprising, at the first node, means for storing each of the unique numbers and for using a different one of the unique numbers to generate each of a plurality of second keys, each of the second keys being usable only by the second node whose unique number was used to generate it.
7. The system of Claim 6, wherein said key decryption means comprises means for storing the second key, means for obtaining the selected second key fragment set from the stored second key using the second data and means for decrypting the encrypted key using the obtained second key fragment set,
8. The system of Claim 7, wherein said second key storing means stores a second key which is generated based on the unique number associated with the second node of which the storage means forms a part.
9. The system of Claim 1, wherein said key fragment set selection means comprises means for periodically selecting different key fragment sets.
10. The system of Claim 3, wherein said second key fragment selection means comprises means for periodically selecting different second key fragment sets,
11. The system of Claim 1, wherein said key fragment selection means comprises means for periodically selecting different arrangements of fragments to form the key fragment set.
12. The system of Claim 3, wherein the selected key fragment set is changed relatively often and the second selected key fragment set is changed less often.
13. The system of Claim 1, wherein said key fragments comprise bytes.
14. The system of Claim 3, wherein the second key fragments comprise sets of bits.
15. A receiver for use in a system broadcasting information of the type comprising key information including a key having more than one key fragment, data indicative of a key fragment set selected from the key, and information encrypted using the selected set of key fragments indicated by the data, the receiver comprising means for receiving the key information, data and encrypted information, means for obtaining the selected set of key fragments from the received key information in accordance with the received data and means for decrypting the received information using the obtained selected key fragment set.
16. The receiver of Claim 15, wherein the key information is received in encrypted form and further comprising a memory for storing a second key and means for using the second key to decrypt the received key information.
17. The receiver of Claim 16, wherein the second key comprises more than one fragment wherein the broadcast signal comprises second data indicative of a selected set of fragments from the second key and wherein said means for using the second key to decrypt the received key information comprises means for obtaining the second key fragment set from the stored second key in accordance with the second data and for using the obtained second key fragment set in decrypting the key information.
18. The receiver of Claim 15, wherein said fragments are bytes.
19. A cryptographic method for the secure transmission of information between first and second nodes comprising the steps of, at the first node, generating a key comprising more than one key fragment, selecting one or more of the key fragments to form a set generating data indicative of the selected key fragment set, encrypting the information to be transmitted using the selected key fragment set, transferring the encrypted information, key information, and data from the first node to the second node and, at the second node, obtaining the selected key fragment set from the transferred key information in accordance with the transferred data and decrypting the encrypted information using the obtained key fragment set.
20. The method of Claim 19, further comprising the steps, at the first node, encrypting the key to provide the key information and, at the second node, decrypting the key information.
21. The method of Claim 20, wherein the step of encrypting the key comprises the steps of generating a second key comprising more than one key fragment, selecting one or more of the second key fragments to form a second set, generating second data indicative of the second key fragment set selected, and transferring the second data from the first node to the second node.
22. The method of Claim 21, wherein the step of decrypting the key information includes the steps of storing the second key, obtaining the selected second key fragment set from the stored second key using the second data and decrypting the encrypted key using the obtained second key fragment set.
CA000496509A 1985-03-11 1985-11-29 Cryptographic system using interchangeable key blocks and selectable key fragments Expired - Lifetime CA1279924C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CA000615864A CA1315388C (en) 1985-03-11 1990-09-17 Cryptographic system using interchangeable key blocks and selectable key fragments

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US710,385 1985-03-11
US06/710,385 US4694491A (en) 1985-03-11 1985-03-11 Cryptographic system using interchangeable key blocks and selectable key fragments

Related Child Applications (1)

Application Number Title Priority Date Filing Date
CA000615864A Division CA1315388C (en) 1985-03-11 1990-09-17 Cryptographic system using interchangeable key blocks and selectable key fragments

Publications (1)

Publication Number Publication Date
CA1279924C true CA1279924C (en) 1991-02-05

Family

ID=24853826

Family Applications (1)

Application Number Title Priority Date Filing Date
CA000496509A Expired - Lifetime CA1279924C (en) 1985-03-11 1985-11-29 Cryptographic system using interchangeable key blocks and selectable key fragments

Country Status (6)

Country Link
US (1) US4694491A (en)
EP (1) EP0194769B1 (en)
JP (2) JPH0710064B2 (en)
CA (1) CA1279924C (en)
DE (1) DE3685143D1 (en)
HK (1) HK37293A (en)

Families Citing this family (73)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4965825A (en) 1981-11-03 1990-10-23 The Personalized Mass Media Corporation Signal processing apparatus and methods
USRE47642E1 (en) 1981-11-03 2019-10-08 Personalized Media Communications LLC Signal processing apparatus and methods
US7831204B1 (en) 1981-11-03 2010-11-09 Personalized Media Communications, Llc Signal processing apparatus and methods
GB2143352A (en) * 1983-07-15 1985-02-06 Philips Electronic Associated Authorising coded signals
US4887296A (en) * 1984-10-26 1989-12-12 Ricoh Co., Ltd. Cryptographic system for direct broadcast satellite system
US4694491A (en) * 1985-03-11 1987-09-15 General Instrument Corp. Cryptographic system using interchangeable key blocks and selectable key fragments
US4803725A (en) * 1985-03-11 1989-02-07 General Instrument Corp. Cryptographic system using interchangeable key blocks and selectable key fragments
EP0200310B1 (en) 1985-05-01 1993-08-11 General Instrument Corporation Direct broadcast satellite signal transmission system
US4817142A (en) * 1985-05-21 1989-03-28 Scientific Atlanta, Inc. Restoring framing in a communications system
GB2183378A (en) * 1985-11-25 1987-06-03 Philips Electronic Associated Receiving scrambled signals
US4890321A (en) * 1986-07-08 1989-12-26 Scientific Atlanta, Inc. Communications format for a subscription television system permitting transmission of individual text messages to subscribers
US4866770A (en) * 1986-07-08 1989-09-12 Scientific Atlanta, Inc. Method and apparatus for communication of video, audio, teletext, and data to groups of decoders in a communication system
US4771458A (en) * 1987-03-12 1988-09-13 Zenith Electronics Corporation Secure data packet transmission system and method
US4876718A (en) * 1987-03-12 1989-10-24 Zenith Electronics Corporation Secure data packet transmission system and method
US4944006A (en) * 1987-03-12 1990-07-24 Zenith Electronics Corporation Secure data packet transmission system and method
US4864615A (en) * 1988-05-27 1989-09-05 General Instrument Corporation Reproduction of secure keys by using distributed key generation data
US4995080A (en) * 1988-08-04 1991-02-19 Zenith Electronics Corporation Television signal scrambling system and method
US5392353A (en) * 1989-08-07 1995-02-21 Tv Answer, Inc. Interactive satellite broadcast network
US5029207A (en) 1990-02-01 1991-07-02 Scientific-Atlanta, Inc. External security module for a television signal decoder
DE69121444T2 (en) * 1990-03-29 1997-03-13 Gte Laboratories Inc Monitoring system for the transmission of video signals
US5682425A (en) * 1990-04-23 1997-10-28 Canon Kabushiki Kaisha Information signal transmission system
US5267312A (en) * 1990-08-06 1993-11-30 Nec Home Electronics, Ltd. Audio signal cryptographic system
US5111504A (en) * 1990-08-17 1992-05-05 General Instrument Corporation Information processing apparatus with replaceable security element
US5214698A (en) * 1991-03-20 1993-05-25 International Business Machines Corporation Method and apparatus for validating entry of cryptographic keys
ATE429099T1 (en) * 1994-02-24 2009-05-15 Comcast Cable Holdings Llc METHOD AND DEVICE FOR CREATING A CRYPTOGRAPHIC CONNECTION BETWEEN ELEMENTS OF A SYSTEM
US5787172A (en) * 1994-02-24 1998-07-28 The Merdan Group, Inc. Apparatus and method for establishing a cryptographic link between elements of a system
GB2288519A (en) * 1994-04-05 1995-10-18 Ibm Data encryption
MY125706A (en) * 1994-08-19 2006-08-30 Thomson Consumer Electronics High speed signal processing smart card
US6035037A (en) * 1995-08-04 2000-03-07 Thomson Electronic Consumers, Inc. System for processing a video signal via series-connected high speed signal processing smart cards
US5852290A (en) * 1995-08-04 1998-12-22 Thomson Consumer Electronics, Inc. Smart-card based access control system with improved security
US6154541A (en) * 1997-01-14 2000-11-28 Zhang; Jinglong F Method and apparatus for a robust high-speed cryptosystem
US7587044B2 (en) 1998-01-02 2009-09-08 Cryptography Research, Inc. Differential power analysis method and apparatus
US7007162B1 (en) 1998-04-24 2006-02-28 International Business Machines Corporation Forensic media key block for identifying compromised keys
US6118873A (en) 1998-04-24 2000-09-12 International Business Machines Corporation System for encrypting broadcast programs in the presence of compromised receiver devices
TW432840B (en) * 1998-06-03 2001-05-01 Sony Corp Communication control method, system, and device
US6275939B1 (en) 1998-06-25 2001-08-14 Westcorp Software Systems, Inc. System and method for securely accessing a database from a remote location
US20010011349A1 (en) * 1998-09-03 2001-08-02 Greg B. Garrison System and method for encrypting a data session between a client and a server
JP4763866B2 (en) * 1998-10-15 2011-08-31 インターシア ソフトウェア エルエルシー Method and apparatus for protecting digital data by double re-encryption
US7380137B2 (en) * 1999-07-20 2008-05-27 International Business Machines Corporation Content guard system for copy protection of recordable media
WO2001016776A1 (en) * 1999-08-27 2001-03-08 Sony Corporation Information transmission system, transmitter, and transmission method as well as information reception system, receiver and reception method
US6944762B1 (en) 1999-09-03 2005-09-13 Harbor Payments Corporation System and method for encrypting data messages
US7082413B2 (en) 1999-11-24 2006-07-25 International Business Machines Corporation System and method for authorized compression of digitized music
US6748539B1 (en) 2000-01-19 2004-06-08 International Business Machines Corporation System and method for securely checking in and checking out digitized content
EP1119132A3 (en) * 2000-01-19 2003-01-02 Research In Motion Limited Broadcasting encrypted messages using session keys
US6952477B1 (en) 2000-07-03 2005-10-04 International Business Machines Corporation Fault intolerant cipher chaining
US9520993B2 (en) * 2001-01-26 2016-12-13 International Business Machines Corporation Renewable traitor tracing
US20020101990A1 (en) * 2001-02-01 2002-08-01 Harumi Morino Data receiving apparatus and data reproducing apparatus
KR100977969B1 (en) * 2001-08-24 2010-08-24 톰슨 라이센싱 Methods for transmitting and receiving data in a network
US7356147B2 (en) * 2002-04-18 2008-04-08 International Business Machines Corporation Method, system and program product for attaching a title key to encrypted content for synchronized transmission to a recipient
GB0226658D0 (en) * 2002-11-15 2002-12-24 Koninkl Philips Electronics Nv Archive system and method for copy controlled storage devices
US20050005105A1 (en) * 2003-06-24 2005-01-06 Brown Larry Cecil Remote access control feature for limiting access to configuration file components
US8472792B2 (en) 2003-12-08 2013-06-25 Divx, Llc Multimedia distribution system
US7519274B2 (en) 2003-12-08 2009-04-14 Divx, Inc. File format for multiple track digital data
JP5200204B2 (en) 2006-03-14 2013-06-05 ディブエックス リミテッド ライアビリティー カンパニー A federated digital rights management mechanism including a trusted system
WO2008059569A1 (en) * 2006-11-15 2008-05-22 Panasonic Corporation Communication terminal apparatus, content distributing apparatus, content distributing system, content distributing method and content receiving method
EP4184341A1 (en) 2007-01-05 2023-05-24 DivX, LLC Video distribution system including progressive playback
WO2009065137A1 (en) 2007-11-16 2009-05-22 Divx, Inc. Hierarchical and reduced index structures for multimedia files
US8122501B2 (en) * 2008-06-20 2012-02-21 International Business Machines Corporation Traitor detection for multilevel assignment
US8108928B2 (en) * 2008-06-20 2012-01-31 International Business Machines Corporation Adaptive traitor tracing
US8422684B2 (en) * 2008-08-15 2013-04-16 International Business Machines Corporation Security classes in a media key block
US8571209B2 (en) 2009-01-19 2013-10-29 International Business Machines Recording keys in a broadcast-encryption-based system
EP2507995A4 (en) 2009-12-04 2014-07-09 Sonic Ip Inc Elementary bitstream cryptographic material transport systems and methods
WO2011068996A1 (en) 2009-12-04 2011-06-09 Cryptography Research, Inc. Verifiable, leak-resistant encryption and decryption
US20120063597A1 (en) * 2010-09-15 2012-03-15 Uponus Technologies, Llc. Apparatus and associated methodology for managing content control keys
US9247312B2 (en) 2011-01-05 2016-01-26 Sonic Ip, Inc. Systems and methods for encoding source media in matroska container files for adaptive bitrate streaming using hypertext transfer protocol
US9467708B2 (en) 2011-08-30 2016-10-11 Sonic Ip, Inc. Selection of resolutions for seamless resolution switching of multimedia content
US8806188B2 (en) 2011-08-31 2014-08-12 Sonic Ip, Inc. Systems and methods for performing adaptive bitrate streaming using automatically generated top level index files
US8909922B2 (en) 2011-09-01 2014-12-09 Sonic Ip, Inc. Systems and methods for playing back alternative streams of protected content protected using common cryptographic information
TW201342873A (en) * 2012-04-11 2013-10-16 Blucrypt Technologies Inc Speech scrambling method, encryption/decryption method and scrambling equipment
US9191457B2 (en) 2012-12-31 2015-11-17 Sonic Ip, Inc. Systems, methods, and media for controlling delivery of content
CN113259731B (en) 2015-01-06 2023-07-04 帝威视有限公司 System and method for encoding content and sharing content between devices
CN106487514A (en) * 2015-09-01 2017-03-08 北京三星通信技术研究有限公司 Voice communication encryption method, decryption method and its device
DE102019122806A1 (en) * 2019-08-26 2021-03-04 Infineon Technologies Ag Cryptographic device

Family Cites Families (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
NL123360C (en) * 1960-11-15 1900-01-01
SE7714587L (en) * 1977-12-21 1979-06-22 Brendstrom Hugo COMMUNICATION SYSTEM
US4341925A (en) * 1978-04-28 1982-07-27 Nasa Random digital encryption secure communication system
JPS5555385A (en) * 1978-10-18 1980-04-23 Fujitsu Ltd Cipher key control mechanism
US4264781A (en) * 1979-04-16 1981-04-28 Ncr Corporation Apparatus for encoding and decoding data signals
US4388643A (en) * 1981-04-06 1983-06-14 Northern Telecom Limited Method of controlling scrambling and unscrambling in a pay TV system
US4484027A (en) * 1981-11-19 1984-11-20 Communications Satellite Corporation Security system for SSTV encryption
US4447828A (en) * 1982-02-25 1984-05-08 Oak Industries Inc. Phase change dynamic scrambling
US4549308A (en) * 1982-07-12 1985-10-22 At&T Bell Laboratories Secure mobile radio telephony
US4551580A (en) * 1982-11-22 1985-11-05 At&T Bell Laboratories Time-frequency scrambler
NL8301458A (en) * 1983-04-26 1984-11-16 Philips Nv METHOD FOR DISTRIBUTING AND USING ENCRYPTION KEYS.
DE3470646D1 (en) * 1983-07-22 1988-05-26 Indep Broadcasting Authority Security system for television signal encryption
ES529123A0 (en) 1984-01-24 1984-10-01 Carrio Llopis Miguel OPTOELECTROMAGNETIC MOTOR
JPS61125243A (en) * 1984-11-21 1986-06-12 Sony Corp Scrambling method
US4803725A (en) 1985-03-11 1989-02-07 General Instrument Corp. Cryptographic system using interchangeable key blocks and selectable key fragments
US4694491A (en) * 1985-03-11 1987-09-15 General Instrument Corp. Cryptographic system using interchangeable key blocks and selectable key fragments

Also Published As

Publication number Publication date
EP0194769A1 (en) 1986-09-17
JPH0710064B2 (en) 1995-02-01
US4694491A (en) 1987-09-15
JPS61208941A (en) 1986-09-17
EP0194769B1 (en) 1992-05-06
HK37293A (en) 1993-04-23
JPH05336107A (en) 1993-12-17
JP2584570B2 (en) 1997-02-26
DE3685143D1 (en) 1992-06-11

Similar Documents

Publication Publication Date Title
CA1279924C (en) Cryptographic system using interchangeable key blocks and selectable key fragments
US4803725A (en) Cryptographic system using interchangeable key blocks and selectable key fragments
US4887296A (en) Cryptographic system for direct broadcast satellite system
US4484027A (en) Security system for SSTV encryption
US4531020A (en) Multi-layer encryption system for the broadcast of encrypted information
USRE33189E (en) Security system for SSTV encryption
US5381481A (en) Method and apparatus for uniquely encrypting a plurality of services at a transmission site
EP1023795B1 (en) Control for a global transport data stream
US4736422A (en) Encrypted broadcast television system
US5341425A (en) Methods and apparatus for uniquely encrypting data at a plurality of data transmission sites for transmission to a reception site
US7155611B2 (en) Method of operating a conditional access system for broadcast applications
NO166909B (en) KEY SIGNAL SYSTEM FOR AA REPRODUCES A SUBSCRIBER KEY SIGNAL IN A SIGNAL RECOGNITOR.
EP0179612B1 (en) Cryptographic system for direct broadcast satellite network
EP0448534B1 (en) Method and apparatus for encryption/decryption of digital multisound in television
US5606611A (en) Receiving station management apparatus
CA1315388C (en) Cryptographic system using interchangeable key blocks and selectable key fragments
CA2168748C (en) Method and apparatus for uniquely encrypting a plurality of services at a transmission site
GB2297017A (en) Encryption of television services
JPH0345944B2 (en)
JPH0521397B2 (en)

Legal Events

Date Code Title Description
MKEX Expiry
MKEX Expiry

Effective date: 20080205