• 专利附录
  • 专利说明
  • 权利要求
  • 类似技术
  • 同族专利
  • 引用文献
  • 法律状态
  • 优先权
    • 专利摘要:
    The process of updating the revocation list of noncompliant keys, appliances, or modules in a security system for content broadcasting. The process consists of receiving at the receiving device 3 content from the content provider 2 to which a single identifier of the most recent revocation list has been added, the revocation list being regarded as non-compliant by the third trust authority 1. To be a key, an identifier of the appliance or module. The received revocation list identifier IndexLR_C is compared with the revocation list identifier IndexLR_M stored in the receiving device, and if there is a difference between the identifiers, the most recent revocation list is downloaded to the receiving device, or the next with the next content. Wait for the latest revocation list to be received. The invention also relates to a process for displaying content received in accordance with the above process.
    公开号:KR20040070281A
    申请号:KR10-2004-7010127
    申请日:2002-12-20
    公开日:2004-08-06
    发明作者:에릭 디에흘;알라인 두란드
    申请人:톰슨 라이센싱 에스.에이.;
    IPC主号:
    专利说明:

    PROCESS FOR UPDATING A REVOCATION LIST OF NONCOMPLIANT KEYS, APPLIANCES OR MODULES IN A SECURE SYSTEM FOR BROADCASTING CONTENT}
    [2] Transmitting digital data representing content through a communication network includes problems of managing permission or prohibition of data duplication and data change prevention.
    [3] To solve this problem, manufacturers of multimedia hardware have proposed a solution that enables the transmission of such content in digital form while preventing illegal copying of the content. This solution generally uses a trusted public key cryptographic system in which a secret / public key pair is created by a third trusted authority (eg, a certification authority) as well as the use of so-called compliant appliances or modules.
    [4] Unfortunately, private / public key pairs are sometimes pirated, that is, "pirate" may continue when a secret key of a pair of keys is obtained, or else, for example, contains a secret. The compliance appliance or module is plundered, that is to say, "looted" to gain its secret.
    [5] Revocation involving an identifier of a key, appliance or module that is no longer considered to be compliant by the third trust authority because the third party has recognized that the identifier of the key, appliance or module has been looted Managing lists is a reason known in the system for secure broadcast of content. This revocation list should inform all personnel of the system that keys, appliances or modules that are no longer compliant can no longer be used. For example, a system's compliance appliance will refuse to communicate with a noncompliant appliance or an appliance that sends a noncompliant key.
    [6] To do this effectively, the compliance appliance needs to always have the latest updated revocation list.
    [7] Furthermore, today, the use of large market electronic appliances such as televisions, DVD readers (acronym for "digital video discs"), digital recording devices (especially video recorders, DVD recorders or hard disks) or computers in digital home networks is It became common.
    [8] In this case, it is known to routinely attach the latest updated revocation list to any content that enters the home network in order for the various appliances to actually own the latest revocation list, which content is updated from a third-party trust authority. Sent by content provider to get revocation list.
    [9] Another solution is to add a valid date to any revocation list sent to the network. After this date, it is no longer possible to receive any new content on the home network unless a new updated discard list is received. Thus, it is necessary for at least one appliance in the home network to request an update of the revocation list, eg from a content provider.
    [10] However, these known techniques have some disadvantages.
    [11] Routinely sending the latest updated revocation list along with any content that is transmitted increases the cost of content delivery because a portion of the bandwidth must be allocated for transmission of the revocation list. Moreover, the plunder can always change the old list that does not contain the latest update to the revocation list sent with the content.
    [12] On the other hand, adding a valid date to the revocation list further complicates management at the level of appliances in the home network. To achieve a good level of security, revocation lists often need to be updated. Moreover, if a new revocation list is sent before the expiration date of the old revocation list is over, the home network's appliance may not be recognized and possibly deleted by predation because the revocation list has not expired.
    [1] The present invention relates generally to the field of copy protection of digital content. More specifically, the present invention relates to a process for updating a revocation list of non-compliant keys, appliances or modules in a security system for content broadcasting.
    [23] The invention will be better understood by reading the following description, given by way of example only with reference to the accompanying drawings.
    [24] 1 schematically illustrates a security system for content broadcasting in a digital home network in which the present invention is implemented.
    [25] 2 and 3 diagrammatically illustrate a process implemented in the device of FIG. 1 in accordance with the present invention.
    [13] The present invention aims to solve the above problem.
    [14] SUMMARY OF THE INVENTION An object of the present invention is a process of updating a revocation list containing a key, an appliance or an identifier of a module, which is regarded as non-compliant by a third trust authority in a security system for content broadcasting, when receiving content from a content provider at a receiving device. A single identifier is assigned to each update of the revocation list by a third trusted authority, wherein the identifier of the most recent revocation list is added to the content received at the receiving device, and the received revocation list identifier is received. Comparing the revocation list identifier stored in the device, if there is a difference between the identifiers, downloading the most recent revocation list to the receiving device, or waiting to receive the most recent revocation list with the next content; It features.
    [15] Therefore, avoid sending all revocation lists while transmitting new content respectively, and the new revocation list is transmitted only when needed following the list update.
    [16] The present invention also provides a process for receiving content by a receiving device in a security system for content broadcasting comprising a revocation list created by a third trusted authority comprising a key, an appliance or an identifier of a module that is deemed to be noncompliant by the third trusted authority. Thus, a single identifier is assigned to each update of the revocation list, wherein the identifier of the most recent revocation list is added to the content received at the receiving device. The process also compares the received revocation list identifier with the revocation list identifier stored at the receiving device, and if there is a difference between the identifiers, downloads the most recent revocation list to the receiving device, or most recently with the next content. Waiting to receive a recent revocation list.
    [17] According to a particular feature of the invention, the revocation list single identifier is the update index of the revocation list.
    [18] According to another feature of the invention, the identifier of the most recent revocation list received with the content is included in the portion protected by the encryption or authentication of the content. Thus, the revocation list identifier cannot be easily modified or removed by predation.
    [19] According to a particular embodiment of the invention, the revocation list is at least one serial number of a public key generated by a third trust authority and considered to be noncompliant by the third trust authority, noncompliant by the third trust authority. At least one serial number of the appliance considered as, at least one serial number of the module considered as non-compliant by a third party, at least one local network secret key identifier protecting content against piracy, At least one local network secret key that protects the content against content, at least one element belonging to a set including the result of at least a calculation function applied to the local network secret key that protects the content against piracy, in particular a hash function. .
    [20] According to another preferred feature of the invention, for each element of the revocation list, its own revocation index corresponding to the update index of the list is further stored at the moment of insertion of the element in the revocation list.
    [21] An object of the present invention is also a process of displaying content received according to the above-described process, wherein the process is for a content display device, wherein at least one of the most recent revocation list in the processing of the receiving device is used by the receiving device. Checking that it does not contain any element associated with the key, one module, or one appliance; continuing the process to present content to the user if the revocation list does not include the any element; And stopping the process.
    [22] As a variant of the process, if the revocation list includes at least one element of the element (ie at least one key, one module or element associated with one appliance) used by the receiving device, The process includes comparing the revocation index of the element with the revocation list update index added to the content, and if the revocation list update index added to the content is less than the revocation index of the element, continue the process to present the content to the user. Displaying, otherwise, stopping the process.
    [26] 1 shows a digital home network comprising a certification authority 1, a content provider 2, and a content receiving device 3 constituting a third trust authority in the process of the invention, for example in the IEEE1394 standard. A security system for content broadcasting is provided that includes a content presentation device 4 and a recording device 5 interconnected by a digital bus 8 such as a bus.
    [27] The certificate authority 1 generates in particular a private / public key pair for use by various devices of the system, where the public key is included in a certificate signed by a certificate authority, as is known to those skilled in the art.
    [28] The certification authority 1 is linked to a content provider that is, for example, a broadcaster of pay TV programs. Although a single content provider 2 is shown in FIG. 1, the invention also applies when several different content providers are linked to a certification authority to deliver content to a user. Another content provider may be a distributor of music programs that are particularly broadcast over the Internet.
    [29] In accordance with the present invention, the certification authority 1, in particular, has detected that the key, appliance or module has been compromised, so that it no longer trusts or is no longer considered secure, appliance identifiers, Or maintains a revocation list containing the module identifiers until the most recent. In accordance with each new update of this revocation list, the index is incremented and the revocation list as well as this update index are sent to all content providers linked by the certification authority.
    [30] Preferably, the revocation list includes a serial module of the module, a serial number of the appliance or a key (especially from which the certification authority has occurred), which is considered no longer secure by the certification authority. In addition, this revocation list is a secret (used in so-called symmetric cryptography) used in security systems for content broadcasting when the certification authority recognizes piracy of one of these keys (e.g., over-the-air broadcasting of a secret key). May contain information about the key.
    [31] Further, the discard list preferably includes a discard index for each element of the list, that is, an update index of the discard list at the moment an element is inserted into the list. By this advantage, it is possible to manage the moment when a key, appliance or module is no longer considered trusted and compatible by the certificate authority.
    [32] In the digital home network shown in FIG. 1, the receiving device 3 comprises a digital decoder 30 suitable for a smart card reader with a smart card 31. This decoder receives digital content from the content provider 2 via a link 6. This may be a terrestrial link, cable link, satellite link, or link via an internet network. Preferably, the decoder 30 also includes a return path 7 to the content provider. This return path can in particular utilize a switched telephone network.
    [33] The receiving device 3 of the home network also acts as a source device in the network, that is to say to transmit the received content to other devices in the network, in particular the content display device 4 or the digital video recorder (DVCR) 5. The content display device 4 comprises a digital television receiver (DTV) 40 suitable for a smart card reader with a smart card 41.
    [34] Digital data representing content broadcast by the content provider 2 to the reception device 3 is generally scrambled data according to the principle of pay television or conditional access television. This data is included in an Entitlement Control Message (ECM) and scrambled with the help of a control word CW which is simultaneously transmitted in the data stream in encrypted form with the aid of the encryption key K. The encryption key K, in particular, is stored in a smart card so that a user who has paid for receiving data can process it at will.
    [35] In the example of FIG. 1, it is assumed that smart card 31 includes such a key K. FIG. Also illustrated is a data packet 60 received by the receiving device 3.
    [36] In general, the present invention also applies when digital data is protected by a so-called DRM (Digital Right Management) system.
    [37] According to a preferred embodiment of the present invention, if data representing content is received by the decoder 30, this data is subsequently shared by the device 3 before being broadcasted via the digital network. For this purpose, the ECM message containing the control word CW encrypted with the aid of the key K is converted by the conversion module 32 included in the smart card 31 to the LECM (Local) containing the decrypted control word. Entitlement Control Message) message, where LECM messages are protected with the help of keys specific to the home network, in particular secret keys. 1 shows a data packet 80 flowing along a bus 8 of a home network.
    [38] According to the principles of the present invention, when the content provider 2 transmits the content to the receiving device 3, the receiving device adds the update index of the revocation list most recently transmitted by the certification authority to the content.
    [39] This index LR_C is preferably included in the ECM message while being protected by the key K. In particular, this index can be encrypted by the key K.
    [40] The receiving device 3 preferably includes the revocation list LR_M as well as the update index Index LR_M , which is stored in the conversion module 32 included in the smart card 31.
    [41] In the first embodiment of the present invention, a smart card, such as card 31, is delivered to the user by a certification authority, including the corresponding index LR_M as well as the most recent revocation list among others. In the second embodiment, this card does not contain any revocation list or index when delivered to the user.
    [42] 2, a process implemented when new content is received by the receiving device 3 in the home network will be described.
    [43] The first step 100 includes detecting an update index of the revocation list Index LR_C in the received content.
    [44] The second step 101 is implemented only in the second embodiment and includes checking the existence of a discard list storing the update index Index LR_M at the receiving device 3. If the index (Index LR_M) is stored, the process proceeds to the index (Index LR_C) is stored in the index step 102 of verifying whether the smaller or equal to (Index LR_M) received from the content. If the Index LR_C ≤Index LR_M, the process is terminated.
    [45] Otherwise, the flow proceeds to step 103 in which the value of the discard list storing the update index is replaced with the index Index LR_C received in the content. In a similar manner, if the response to the test of step 101 is negative (ie, there is no index stored on the receiving device), then flow proceeds to step 103, where the stored index Index LR_M is the index received in the content. LR_C ) value is initialized.
    [46] After step 103, it is also necessary to update the stored revocation list LR_M at the receiving device 3. This is illustrated in FIG. 2 as step 104 which may download the most recent revocation list by using the return path 7 from the decoder 30 to the content provider 2 or wait for reception of the list with the next content. Is shown. In this case, it is expected that the content provider will periodically send the most recent revocation list with the content.
    [47] When not only the revocation list stored index Index LR_M but also the corresponding revocation list LR_M has been updated at the receiving device, the receiving device may change the index and revocation list to a network excluding a recording device such as the DVCR 5 of FIG. Communicate with other devices. In particular, in the example of FIG. 1, the recording apparatus communicates the index and the revocation list to the display device 4, which displays the index and the revocation list to the terminal module 42 included in the chip card 41. Save it.
    [48] In particular, the terminal module 42 includes a secret key specific to the home network and is responsible for processing the LECM message included in the data packet 80 received by the display device 4. This secret key of the home network allows the terminal module 42 to recover from the LECM message the control word CW that contributes to scramble the digital data. The display device 4 descrambles the data for presentation to the user.
    [49] Note that the present invention also applies when the digital home network protects the LECM message by including a pair of asymmetric keys specific to that network.
    [50] When the reception device 3 performs the above steps 100 to 104, the reception device further includes an ECM message included in the received digital data and a discard list update index (Index LR_C ) received together with the content. Convert to LECM message.
    [51] When this content flowing in the digital home network in the form of a data packet such as the packet 80 shown in Fig. 1 is recorded by the recording device 5, this content is thus recorded at the time of the most recent update index of the revocation list. It is recorded together with the index, which is included in the LECM message of the packet constituting the content. In this way, it is always possible to view or play content on the network's appliances or keys on the network.
    [52] Preferably, the index Index LR_C inserted by the conversion module 32 into the LECM message is inserted into the plaintext of this message.
    [53] Indeed, the LECM message contributes to the scramble of the plain text section A, which has in particular information concerning the content type (audio / video ...) or permission to copy this content, and especially digital data representing the content. And a protection unit B having a control word. This part B is protected by encryption, that is to say that the LECM message contains part B of the encrypted version which is encrypted with the aid of a key which is a key that can be retrieved by knowing a particular key of the network or that particular key of the network. The LECM message also preferably includes an integrity field that is the result of the hash function applied to the portion A and the portion B of the message (before encryption).
    [54] The hash function, often defined as "Hash (x)", is a mathematical function that converts data set "x" into a fixed size data set "y", which is often somewhat smaller than the size of the input data. Recall that it is impossible to search for "x" by knowing y, that is, y = Hash (x).
    [55] In another embodiment, especially when the LECM message does not contain any integrity fields, the index Index LR_C inserted in the LECM message by the converter module 32 is inserted in the protection part B of the LECM message.
    [56] Referring to FIG. 3, when content originating from a digital home network is displayed to a user, more precisely, it is implemented by the display device 4 when a data packet 80 of the content is received by the display device 4. The process will be explained.
    [57] During the first step 200, the display device checks the integrity of the LECM message included in the received data packet. To do this, the display device recovers part B of the LECM message using a specific secret key of the home network and then calculates the result of the same hash function, as mentioned above, applied to parts A and B of the LECM message and Compare with the integrity field of the received LECM message.
    [58] If the check is positive, the process continues to step 201 while checking whether the revocation list LR_M stored in the terminal module 42 includes at least one element associated with the key, module or appliance used in the display device. do. This may be the serial number of the public key used by the display device (and preferably stored in terminal module 42), or the serial number of terminal module 42 or television receiver appliance 40, or terminal module 42. May be an item of information associated with a secret key of a home network stored at (the item of information may be a secret key, the key itself or a serial number of the result of a cryptographic function or hash function applied to the key).
    [59] If the revocation list LR_M does not include an element relating to a key, module or appliance used in the display device 4, the display device may display the content to the user during step 203.
    [60] On the other hand, if the revocation list contains at least one of the elements, the process proceeds to step 202, where the revocation index of this element (the revocation index of the element is included in the LR_M list) is included in the received content (more detailed). Preferably, it is greater than the index (Index LR_C ) included in the LECM message of the received packet. This may occur when content recorded before the element is inserted into the discard index is continuously played back in the home network after the element is inserted into the list.
    [61] If the check is positive, the display device may show the content to the user at step 203.
    [62] If not, the process stops 204 and the content is not displayed to the user. The process also stops if the integrity check of the LECM message is negative in step 200. The process is undesirable, but may also be stopped when at least one element relating to a key, module or appliance used in the display device is included in the revocation list LR_M (indicated by a dashed arrow from step 201).
    [63] The present invention is not limited to the above embodiment. In particular, the present invention applies to the case where content is received by a single device that forms a content receiving and displaying device and is not necessarily included in the digital home network.
    权利要求:
    Claims (9)
    [1" claim-type="Currently amended] A process for updating a revocation list containing an identifier of a key, appliance, or module that is considered noncompliant by a third trusted authority in a security system for content broadcasting,
    When receiving content from the content provider 2 at the receiving device 3,
    A single identifier is assigned to each update of the revocation list by a third trusted authority 1, wherein the identifier of the most recent revocation list Index LR_C is added to the content received at the receiving device,
    As compared to the received said waste list identifier (Index LR_C) discard list identifier (Index LR_M) stored in the receiving device, if the difference between the identifier, downloading the latest waste list to the receiving device, or the following Waiting for the reception of the most recent revocation list with the content (102)
    Process comprising a.
    [2" claim-type="Currently amended] In the process of receiving content by the receiving device 3 in the security system for content broadcasting, the revocation list created by the third trust authority includes a key, an appliance or an identifier of the module which is considered to be non-compliant by the third trust authority. In
    A single identifier is assigned to each update of the revocation list, wherein the identifier of the most recent revocation list (IndexLR_C) is added to the content received at the receiving device;
    As compared to the received said waste list identifier (Index LR_C) discard list identifier (Index LR_M) stored in the receiving device, if the difference between the identifier, downloading the latest waste list to the receiving device, or the following Waiting for the reception of the most recent revocation list with the content (102)
    Process comprising a.
    [3" claim-type="Currently amended] The method according to claim 1 or 2,
    And the revocation list single identifier is an update index of the revocation list.
    [4" claim-type="Currently amended] The method according to any one of claims 1 to 3,
    Wherein the identifier (Index LR_C ) of the most recent revocation list received with content is included in a portion protected by a cipher or by authentication of the content.
    [5" claim-type="Currently amended] The method according to any one of claims 1 to 4,
    The revocation list is at least one serial number of a public key generated by the third trusted authority and considered to be noncompliant by the third trusted authority, at least one of the appliances considered to be noncompliant by the third trusted authority. And at least one element belonging to a set comprising one serial number, at least one serial number of the module that is deemed to be noncompliant by the third trusted authority.
    [6" claim-type="Currently amended] The method according to any one of claims 1 to 5,
    The revocation list includes at least one local network secret key identifier protecting content against illegal copying, at least one local network secret key protecting content against illegal copying, and a local network secret key protecting content against illegal copying. A process comprising at least one element belonging to a set comprising at least a calculation function, in particular a result of a hash function, applied to.
    [7" claim-type="Currently amended] The method according to claim 5 or 6,
    For each element of the revocation list, its own revocation index corresponding to the update index of the list is further stored at the moment of inserting the element into the revocation list.
    [8" claim-type="Currently amended] A process for displaying received content in accordance with any one of claims 2 to 7, wherein claims 3 to 7 are dependent claims of claim 2,
    The process is for the content display device 4,
    Checking (201) whether the most recent revocation list (LR_M) in the processing of the receiving device does not contain any element associated with at least one key, one module or one appliance used by the receiving device,
    If the revocation list does not include any of the elements, continuing the process to display content to the user (203),
    Otherwise, stopping the process (204).
    [9" claim-type="Currently amended] A process for displaying content received in accordance with the process according to claim 7 taken from the dependencies of claims 2 and 3,
    The process may be performed on the content display device,
    Checking (201) whether the most recent revocation list (LR_M) in the processing of the receiving device does not contain any element associated with at least one key, one module or one appliance used by the receiving device,
    If the revocation list contains at least one of the elements,
    Comparing (202) the revocation index of the element with a revocation list update index (Index LR_C ) added to the content, and
    If the revocation list update index added to the content is less than the revocation index of the element, continuing the process to display the content to the user (203),
    Otherwise, stopping the process (204).
    类似技术:
    公开号 | 公开日 | 专利标题
    US9467658B2|2016-10-11|Method and apparatus for protecting the transfer of data
    US9973798B2|2018-05-15|Technique for securely communicating programming content
    US8681979B2|2014-03-25|Conditional access system and method for prevention of replay attacks
    JP5629348B2|2014-11-19|Data transfer protection method and apparatus
    US8800059B2|2014-08-05|System and method for processing and protecting content
    JP5363545B2|2013-12-11|Technology to securely transmit and store programming material within the trust domain
    US10055553B2|2018-08-21|PC secure video path
    US8379853B2|2013-02-19|Descrambler
    US8677147B2|2014-03-18|Method for accessing services by a user unit
    CN101040526B|2011-09-07|Digital rights management of a digital device and device
    US7698568B2|2010-04-13|System and method for using DRM to control conditional access to broadband digital content
    EP0950319B2|2008-12-10|Preventing replay attacks on digital information distributed by network service providers
    US6721958B1|2004-04-13|Optional verification of interactive television content
    KR101318461B1|2013-10-16|System and method for providing authorized access to digital content
    US8098388B2|2012-01-17|Content transmission device, content transmission method, and computer program used therewith
    US7400729B2|2008-07-15|Secure delivery of encrypted digital content
    KR101122842B1|2012-03-22|Conditional access to digital rights management conversion
    US7458101B2|2008-11-25|Information viewing/listening system, information player, and information provider
    ES2228486T3|2005-04-16|Global copy protection system for digital domestic networks.
    CA2518113C|2016-09-20|Conditional access personal video recorder
    EP1010323B1|2001-10-31|Verification of the source of program of information in a conditional access system
    US7403622B2|2008-07-22|Process for managing a symmetric key in a communication network and devices for the implementation of this process
    US7797552B2|2010-09-14|Method and apparatus for controlling paired operation of a conditional access module and an integrated receiver and decoder
    JP4358226B2|2009-11-04|Mechanism for remote control of client devices
    US7266198B2|2007-09-04|System and method for providing authorized access to digital content
    同族专利:
    公开号 | 公开日
    US20050021942A1|2005-01-27|
    WO2003056823A1|2003-07-10|
    KR100966970B1|2010-06-30|
    AU2002361186A1|2003-07-15|
    JP4478456B2|2010-06-09|
    CN100338954C|2007-09-19|
    FR2834406A1|2003-07-04|
    EP1459538A1|2004-09-22|
    JP2005530368A|2005-10-06|
    CN1608374A|2005-04-20|
    引用文献:
    公开号 | 申请日 | 公开日 | 申请人 | 专利标题
    法律状态:
    2001-12-28|Priority to FR0117139A
    2001-12-28|Priority to FR01/17139
    2002-12-20|Application filed by 톰슨 라이센싱 에스.에이.
    2002-12-20|Priority to PCT/EP2002/014639
    2004-08-06|Publication of KR20040070281A
    2010-06-30|Application granted
    2010-06-30|Publication of KR100966970B1
    优先权:
    申请号 | 申请日 | 专利标题
    FR0117139A|FR2834406A1|2001-12-28|2001-12-28|Method for updating a revocation list of non-conforming keys, devices or modules in a secure content broadcasting system|
    FR01/17139|2001-12-28|
    PCT/EP2002/014639|WO2003056823A1|2001-12-28|2002-12-20|Process for updating a revocation list of noncompliant keys, appliances or modules in a secure system for broadcasting content|
    [返回顶部]