CA2544623C - Methods and apparatus for providing a partial dual-encrypted stream in a conditional access overlay system - Google Patents

Methods and apparatus for providing a partial dual-encrypted stream in a conditional access overlay system Download PDF

Info

Publication number
CA2544623C
CA2544623C CA2544623A CA2544623A CA2544623C CA 2544623 C CA2544623 C CA 2544623C CA 2544623 A CA2544623 A CA 2544623A CA 2544623 A CA2544623 A CA 2544623A CA 2544623 C CA2544623 C CA 2544623C
Authority
CA
Canada
Prior art keywords
stream
encrypted
clear
encryption
packets
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CA2544623A
Other languages
French (fr)
Other versions
CA2544623A1 (en
Inventor
Howard G. Pinder
William D. Woodward, Jr.
Jonathan Bradford Evans
Anthony J. Wasilewski
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Scientific Atlanta LLC
Original Assignee
Cisco Technology Inc
Cisco Systems Inc
Scientific Atlanta LLC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US10/602,986 external-priority patent/US8548166B2/en
Application filed by Cisco Technology Inc, Cisco Systems Inc, Scientific Atlanta LLC filed Critical Cisco Technology Inc
Publication of CA2544623A1 publication Critical patent/CA2544623A1/en
Application granted granted Critical
Publication of CA2544623C publication Critical patent/CA2544623C/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/23Processing of content or additional data; Elementary server operations; Server middleware
    • H04N21/234Processing of video elementary streams, e.g. splicing of video streams, manipulating MPEG-4 scene graphs
    • H04N21/2347Processing of video elementary streams, e.g. splicing of video streams, manipulating MPEG-4 scene graphs involving video stream encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00Television systems
    • H04N7/16Analogue secrecy systems; Analogue subscription systems
    • H04N7/167Systems rendering the television signal unintelligible and subsequently intelligible
    • H04N7/1675Providing digital key or authorisation information for generation or regeneration of the scrambling sequence
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0478Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying multiple layers of encryption, e.g. nested tunnels or encrypting the content with a first key and then with at least a second key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/21Server components or server architectures
    • H04N21/226Characteristics of the server or Internal components of the server
    • H04N21/2265Server identification by a unique number or address, e.g. serial number
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/23Processing of content or additional data; Elementary server operations; Server middleware
    • H04N21/234Processing of video elementary streams, e.g. splicing of video streams, manipulating MPEG-4 scene graphs
    • H04N21/2347Processing of video elementary streams, e.g. splicing of video streams, manipulating MPEG-4 scene graphs involving video stream encryption
    • H04N21/23476Processing of video elementary streams, e.g. splicing of video streams, manipulating MPEG-4 scene graphs involving video stream encryption by partially encrypting, e.g. encrypting the ending portion of a movie
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/23Processing of content or additional data; Elementary server operations; Server middleware
    • H04N21/236Assembling of a multiplex stream, e.g. transport stream, by combining a video stream with other content or additional data, e.g. inserting a URL [Uniform Resource Locator] into a video stream, multiplexing software data into a video stream; Remultiplexing of multiplex streams; Insertion of stuffing bits into the multiplex stream, e.g. to obtain a constant bit-rate; Assembling of a packetised elementary stream
    • H04N21/23608Remultiplexing multiplex streams, e.g. involving modifying time stamps or remapping the packet identifiers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/23Processing of content or additional data; Elementary server operations; Server middleware
    • H04N21/238Interfacing the downstream path of the transmission network, e.g. adapting the transmission rate of a video stream to network bandwidth; Processing of multiplex streams
    • H04N21/2389Multiplex stream processing, e.g. multiplex stream encrypting
    • H04N21/23895Multiplex stream processing, e.g. multiplex stream encrypting involving multiplex stream encryption
    • H04N21/23897Multiplex stream processing, e.g. multiplex stream encrypting involving multiplex stream encryption by partially encrypting, e.g. encrypting only the ending portion of a movie
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/266Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
    • H04N21/26606Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing entitlement messages, e.g. Entitlement Control Message [ECM] or Entitlement Management Message [EMM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/41Structure of client; Structure of client peripherals
    • H04N21/426Internal components of the client ; Characteristics thereof
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/436Interfacing a local distribution network, e.g. communicating with another STB or one or more peripheral devices inside the home
    • H04N21/43607Interfacing a plurality of external cards, e.g. through a DVB Common Interface [DVB-CI]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/44Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream, rendering scenes according to MPEG-4 scene graphs
    • H04N21/4405Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream, rendering scenes according to MPEG-4 scene graphs involving video stream decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/45Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
    • H04N21/4508Management of client data or end-user data
    • H04N21/4524Management of client data or end-user data involving the geographical location of the client
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/60Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client 
    • H04N21/63Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
    • H04N21/633Control signals issued by server directed to the network components or client
    • H04N21/6332Control signals issued by server directed to the network components or client directed to client
    • H04N21/6334Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key
    • H04N21/63345Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key by transmitting keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00Television systems
    • H04N7/16Analogue secrecy systems; Analogue subscription systems
    • H04N7/162Authorising the user terminal, e.g. by paying; Registering the use of a subscription channel, e.g. billing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00Television systems
    • H04N7/16Analogue secrecy systems; Analogue subscription systems
    • H04N7/162Authorising the user terminal, e.g. by paying; Registering the use of a subscription channel, e.g. billing
    • H04N7/163Authorising the user terminal, e.g. by paying; Registering the use of a subscription channel, e.g. billing by receiver means only
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00Television systems
    • H04N7/16Analogue secrecy systems; Analogue subscription systems
    • H04N7/173Analogue secrecy systems; Analogue subscription systems with two-way working, e.g. subscriber sending a programme selection signal
    • H04N7/17345Control of the passage of the selected programme
    • H04N7/17354Control of the passage of the selected programme in an intermediate station common to a plurality of user terminals
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04JMULTIPLEX COMMUNICATION
    • H04J2203/00Aspects of optical multiplex systems other than those covered by H04J14/05 and H04J14/07
    • H04J2203/0001Provisions for broadband connections in integrated services digital network using frames of the Optical Transport Network [OTN] or using synchronous transfer mode [STM], e.g. SONET, SDH
    • H04J2203/0073Services, e.g. multimedia, GOS, QOS
    • H04J2203/008Support of video
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/101Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying security measures for digital rights management

Abstract

The present invention is directed towards providing a partial dual-encrypted stream in a conditional access overlay system. The headend equipment includes an aligner, identifier, and remapper (AIR) device (615) that receives a clear stream and one or two encrypted streams, where the two encrypted streams have been encrypted by two different encryption schemes. The AIR
device (615) identifies critical packets associated with the clear stream and subsequently allows two encrypted streams to pass and drops the critical packets of the clear stream. A multiplexer (640) then combines a percentage of the non-critical packets of the clear stream and the critical packets of the two encrypted streams to provide the partial dual-encrypted stream.

Description

FIELD OF THE INVENTION

The present invention relates generally to the field of encrypted streams in a communications system, and more specifically towards methods and apparatus for transmitting dual encrypted stroams in a communications system.

BACKGROUND OF THE IAIVENTION

The control of the content is important in order to protect the programming from, for example, nonpaying customers. A conventional communications system, such as a cable television system, therefore, typically applies an encryption scheme to television content in order to prevent unrestricted access. Once a syst.em operator chooses an encryption scheme, the operator installs all of the necessary headend equipment (e.g., Scientific-Atlanta's conditional aeeess sofi.ware and equipment). The devices (set-tops) located at the subsoriber's premises must be compatible with the encryption scheme in order to decrypt the content for viewing. Due to the proprietary systems, however, an operator is prevented from installing different set-tops that do not have the proper decryption scheme. If the operator wishes to install different set-tops that decrypt a differont conditional access system, the operator would also have to install a second proprietary system to overlay the incumbent system in order to use both boxes.
It would be to the operator's advantage to be able to choose boxes from any menufacturer and easily implement different encryption schemes in the system without duplicating the headend equipment and utilizing extra bandwidth. Some have attempted to address a technique that overlays two encryption schemes in a system. The present application is directed towards improvements to and alternative embodiments of a conditional access system that enables different proprietary set-tops that decrypt content that has been encrypted by different encryption schemes.

BRIEF DESCRIPTION OF TIM DRAWINGS
FIG. 1 is a block diagram of a prior art dual encryption process.
FIG. 2 is an illustration of a program including a critical packek FIG. 3 is an illustration of the critical packet and the duplicated packet of FIG. 2. .
FIG. 4 is a block diagram of a first embodiment of a dual encryption scheme in accordance with the present invention.
FIG. 5 is an illustration of one program aligner, identifier, and remapper (AIR) device in accordance with the present invention that is suitable for use in an AIR
device of FIG. 4.
FIG. 6 is an illustration of a second embodiment of a dual encryption scheme in accordance with the present invention.
FIG. 7 is an illustration of one program aligner, identifier, and remapper (AIR) device in accordance with the present invention that is suitable for use in the AIR
device of FIG. 6.
FIG. 8 provides an example table illustrating the single programs that may be provided to an output port of demultiptexers.
FIG. 9 is a state diagram illustrating the comparing of the packets by the packet comparator of FIG. S.

DETAILED DESCRIPTION OF A PREFERRED EMBODIMENT

The present invention will be described more fully hereinafter with reference to the accompanying drawings in which like numerals represent like elements throughout the several figures, and in which an exemplary embodiment of the invention is shown. This invention may, however, be embodied in many different forms and should not be construed as being limited to the embodiments set forth herein; rather, the embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the invention to those skilled in the art. The present invention is described more fully hereinbelow.

The present invention is direc,ted towards a partial dual encryption scheme.
Methods and apparatus are described that provide a trensport stream including a clear stream and dually-encrypted streams. The present invention allows for two different set-tops (i.e., an incumbent set-top and an overlay set-top) to be located in a single system. Each set-top is designed to decrypt a proprietary encryption scheme. Advantageously, the present invention is accomplished without duplicating all of the headend equipment, and without consuming twice the original bandwidth. It ~

will be appreciated that the incumbent set-tops remain unchanged and are simply conventional devices that are most likely already deployed in the system.

A clear multiprogram transport stream (MPTS) is provided to a headend facility. It will be appreciated that the clear MPTS includes several streams of unencrypted programs each including video, audio, and data packets. The packets each have a packet identifier (PII)).
Typically, an encryption scheme encrypts some or all of the packets (herein referred to as critical packets) of some or all of the programs depending upon the level of desired security. Further information regarding a conditional access system can be found in U.S. Pat.
No. 6,424,717 entitled "Conditional Access System" filed 12/16/1999:

FIG.1 is directed towards a dual encryption scheme, and is taught in U.S. Pat.
Application Publication No. US 2003/0026423 Al by Unger. A clear stream 105 is provided to a critical packet identifier, duplicator, and remapper device (IDR) 110. The identifier device 100 identifies a critical packet in a program. FIG. 2 is an illustration of a stream including a critical packet 205 having a PID no. 210 (e.g., PID 100). The predetermined critical packet 205 is identified from the stream and duplicated. FIG. 3 is an illustration of the critical packet and the duplicated packet of FIG. 2. The IDR 110 of FIG. 1 then remaps the two critical packets (i.e., the critical packet 205 and the duplicated packet 305) to have differing PID
values 310, 315. If, for example, the PID has an original value of 100, the IDR 100 may remap the critical packet 205 to have a PID value of 101 (310) and the duplicated packet 305 to have a PID
value of 102 (315). It is also noted that the duplicated packet 305 is placed immediately following the critical packet 205 as taught by Unger.

Referring again to FIG. 1, Scrambler A 115 is then programmed to detect the PID values of the critical packets (e.g., PID 101) and seramble them with a first encryption scheme.
Scrambler B 120 then detects the duplicated paokets having the remapped PID
value (e.g., PID
102) and scrambles them according to a second enciyption scheme. The transport stream including the clear stream (C) and the two encryption streams (A and B) are subsequently provided to a PID remapper 125. The PII) remapper 125 remaps the clear stream (C) to have the same PID value as the Srst encryption stream A (e.g., PID 100 to PID 101). The transported stream may then include, for example, a percentage, such as 98%, of the clear stroam C and a percentage, such as 2%, of both of the encrypted shEams A and B. In this manner, an incumbent set-top, which is designed to decrypt encryption scheme A, receives 98% of the clear stream and
2% of the encrypted stream A. The remaining 2% of the encrypted stream B is simply not processed and discarded.

There are, however, several disadvantages with the beachings of Unger. More specifically, Unger relies on controlling the incumbent headend encryption equipment to the level of specifying exactly which PIDs to encrypt, which would be extremely difficult to accomplish in some existing encryption systems. For example, a Scientific-Atlanta encryption system, as described in U.S. Pat. No. 6,424,717, does not provide a control intarface to encrypt a specific PID. The encryption schemes are performed at the program level and would require extensive reareations of a program mapping table and its associated sessions. In contrast, the present invention does not require any changes to the incumbent headend equipment or require any special control. More specifically, the present invention simply utilizas the output of the existing hoadend equipment without modifications. Another disadvantage, is that the teachings of Unger require two operations on the clear stream by the overlayed headend equipment;
specifically, a first time for the critical packet selection and again for the PID remapping.
The present invention, however, only processes the streams once using one piece of equipment.
Advantageously, this is an improvement that reduces the cost and the complexity of the system.

A further advantage of the present invention is that modification of the encryption percentage is accomplished as a fimction of available bandwidth in the system.
For example, if there is additional bandwidth available, the present invention can increase the encrypted percentage from, for example, 2% to 6 lo. Notably, this feature is important to the system operators who need to be sensitive of both the required bandwidth and the security level of the programs.

Referring now to FIG. 4, a block diagram is illustrated depicting a first embodiment of a partial dual encryption scheme in accordance with the present invention. An MPTS, which is a clear stream C that includes a plurality of programs, is provided to scrambler A 410 and scrambler B 415. Scrambler A 410 and scrambler B 415 encrypts the clear stream C and respectively provides encrypted stream A and encrypted stream B. In a typical applica#ion, serambler A 410 is the existing scrambler of the incumbent encryption scheme, and scrambler B is the additional scrambler required for the additional encryption scheme. A demultiplexer 420 is coupled to scrambler A 410 to demultiplex the encrypted stream A, which as mentioned includes a combination of programs, to provide a single program to a single output port Similarly, demultiplexers 425 and 430 demultiplex the programs to provide the same single programs to an output port.

FIG. 8 provides an example table illustrating the single programs that may be provided to an output port of the demultiplexers 420, 425, 430 for further processing. For example, a fust Program P1 805, which may include video PID 100, audio PID 110, and other PID
120, (which may be a data PID or second audio PII)), may be sent to a first output port of demultiplexers 420, 425, 430. Similarly, a second Program P2 810, which may include video PID 200, audio PID
210, and other PII) 220, may be sent to a second output port of demultiplexers 420, 425, 430. It will be appreciated that there can be any number of programs that can be provided to an output port.

Referring again to FIG. 4, an aligner, identifier, and remapper (AIR) device 435 receives the programs from the output ports of the demultiplexers 420, 425, 430, where the progtams, or streams, (P1, P2, Pn) are grouped at the input of the AIR device 435, and is discussed below. The output streams of the AIR device 43 5 are provided to a multiplexer 440 that then provides a multiplexed partial dual encrypted transport stream. Additionally, the demultiplexer 420 coupled to scrambler A, which in this embodiment is assumed to be the incumbent scrambling scheme, also includes an output port 442 that provides undefined packets directly to the multiplexer 440.
Due to the fact that there may be packets that are intended for purposes that are specific to the incwnbent set-tops, ftsa packets should be allowed to continue through the system without any potential alterations or deletion.

FIG. 5 is an illustration of one program aligner, identifier, and remapper (AIR) device 500 in accordance with the present invention that is suitable for use in the AIR
devioe 435 of FIG. 4.

It will be appreciated tbat the preseut invention in comparison with the prior art does not duplicate or remap critical packets. Addition.ally, it will be appreciated that more than one program AIR
device 500 can be implemented in the AIlt device 435 depending upon the number of programs (e.g., P1, P2, Pn) to be processed. Buffer A 505, buffer B 510, and buffer C
515 receive the streams A, B, and C from the output the demultiplexers 420, 425, 430. The buffers 505, 510, 515 allow a packet comparator 520 to monitor the streams A, B, and C and align them in time.
Alignment may be necessary since the cecrypted streams A and B may be somewhat delayed and out of synchronization due to the scramblers 410, 415.

FIG. 9 is a state diagram illustrating the comparing and aligning of the packets by the packet comparator 520. In the initial state 905, the buffers 505, 510,515 are filled with packets, and the packet comparator 520 begins searching, in state 910, for a refeam-oe packet (ref pkt) in the clear stream, which is provided by buffer C 515. The reference packet may be, for auample, a video PID with a payload unit start indicator (PUSI) bit equal to one (1). It will be appreciated that the specifications for this reference packet may have other specifications, such as an audio PID and the PUSI bit may be equal to 0. The basis for comparison however must be valid for packets in the clear or scrambled state. Further information regarding the PUSI bit can be found in U.S. Pat. No. 6,424,714 entitled "Conditional Access System." If the reference packet is not found, the clear stream C passes, and the encrypted stroems A and B drop in state 915. The searching state 910 continues until the referenee packet is found in the clear stream C.
Subsequetrtly, in sWe 920, the encryptad streams A and B are compared to the found reference packet. The basis for comparison is again the video PID, and the preseaoa of the PUSI bit equal to one (1). The basis for comparison is not affect.ed by the fact tbat scxamblm A 410 or B 415 has scrambled the packet. If the packets in either of the streams A and B do not matcli, the non-matching packet(s) drop in state 925. If buffers A 505 and B 510 are empty, the state returns to state 910 and begins searching. Otherwise, state 920 continues comparing the packets in streams A and B with the reference packet until a match is found, and the stteams aro then considered aligned.

In the aligned state 928, state 930 waits until buffers A 505, B 510, and C
515 have greater than one packet. Subsequently, the head packets are verified to have the same PID value, in state 935. If not, in state 940, the packet in stream C passes and packets in streams A and B
drop, and state 935 continues verifying the packets. At times, packets in a program can be swapped in their position and are essentially out of order. In that case, passing the packets in the clear stream C ensure that the packets are passed rather than stalling in the buffers. If the head packet PID values are the same, the values of the continuity counter field of the packets are then verified to be the same, in state 945. If not, the assumption is that there is an error in the alignment, and the comparator 520 returns to the initial state 905. It will be appreciated that the continuity counter of the clear stream C is used as the reference number. If the continuity counters are the same for the all the packets in the streams, state 950 releases the packets from the buffers A, B, and C, and returns to the aligned state 930 to continue ensuring alignment of the packets. It will be appreciated that there are other methods for verifying alignment, other than the use of the continuity_count value, such as the presence and length of an adaptation field, or-the presence and value of a program olock referance (PCR) value.

It should be noted that MPEG packet processing equipment typically modifies the Program Clock Reference (PCR) of progr4ms being proee.ssed, to correct for any PCR jitter that would otherwise be introduced. In this embodiment, the PCRs of cloar stroam C
are regarded as the primary PCRs, and all PCR modifications are performed on the values in stream C. If the PCR-bearing packet is also a critical packet, the correoted PCR value from stream C is placed into the PCR field in the packet from streams A and B.

Referring again to FIG. 5, a remapper 525 remaps the PID value of the released packet from stream B to a new PID value, for example, PID 100 to PID 101 and/or PID
110 to PID 111, depending upon whether the critical packet selection includes just video or audio packets or includes both video and audio packets. A switch 535, 540, 545 then gates the released packets of stceam A, B, and C.

A selector 530 also receives the released packet of clear stream C, wbich it uses as a reference sltnam to control the switches 535, 540, 545. In the preferred embodiment of the present invention, the selector 530 allows the packets of the clear sftam C to pass through to a multiplexer 550 until such time as a critical packet is detected. Again, it will be approadated that the critical packet can be a video, audio, and/or data paelcet. When the critical packet is deteoted, the switch 545 opens and switches 535, 540 are closed, thereby allowing tha released packets of encrypted streams A and B, which each have the aligned critical packet, to simultaneously pass through to the multiplexer 550. The multiplexer 550 then combines the packets to provide a pattial dual-encrypted transport stream where the dual encryption includes packets encrypted by both scambler A 410 and ecrambler B 415. The multiplexed stream is then provided to multiplexer 440 (FIG. 4) to be combined with additional partial dual-encrypted program streams.
It will be appreciated that multiploxer 550 provides only a portion of the packet stream to the overail multiplexer 440 of FIG. 4. In this manner, when bandwidth beoomes available in ' multiplexer 440, a signal indicating an increase in encrypted packets is allowable is provided to multiplexer 550 via feedback loop 560. The multiplexer 550 then relays this information tn the selector 530 via feedback loop 565, and the selector 530 ean then increase the percentage of critical packets, for example, from 2% to 6% of the paekets that are considered cxitieal.

FIG. 6 is an illustration of a second embodiment of a partial dual encryption scheme in accordance with the present invention. The advantage of the configuration shown in FIG. 6 is that all the elements required to add an additional encryption scheme (Deonux 607, 608, AIR devices 615, and Mux 640) can be implemented in a single piece of equipment. An MPTS C
is provided to sorambler A 605 that provides a first encrypted stream A. A firat demultiplexes 607 roceives the encrypted stream A and a second demultiplexer 608 receives the clear stream C in order to demultiplex the plurality of programs into single programs. Again, assuming the scrambler A 605 is the incumbent encryption scheme, an output port 609 of the demultiplexer 607 is provided for unidentified paokets and is provided directly to a multiplexer 640 for delivery along with the partial dual-ancrypted transport stresm. The common programs fram the demultiplems 607, 608 are then provided to an aligner, identifier, and remapper (AIR) device 615.

FIG. 7 is an illushition of one progrann aligner, identifier, and remapper (AIR) device 700 in accordance with die present invention that is suitable for use in the AIR
device 615 of FIG. 6.
For a first program P1, the encrypted sheam A is buffered in buffer A 710, and buffer C 715 receives the claar stream C. A packet comparator 720 compares the packets to ensure they are aligned due to any delays introduced by scrambler A 705. It will be appreciated that the packet eonnparator 720 operates in a similar manner to the packet comparator 520 of FIG. 5 and in accordance with the stats diagram of FIG. 9 for just encrypted stream A. A
critical packet selector 725 uses the clear sheam C as a reference stream and controls two switches 730, 735 aaeordfngly. More specifica113r, switch 730 allows the packets of clear stceam C to pass through to a multiplexer 740 until a critical packet is detected. When the critical packet is detected, switch 730 provides the packet of clear stream C to saambler B 745 and switch 735 is also switched, thereby allowing the critical packet of encrypted stream A to pass tfirough to the multiplexer 740.
The scrambler B 745 encrypts the packet of clear sd-um C according to a second encryption method and provides the encrypted packet to a PID recmapper 750. The PID
remapper 750 remaps the packet's PID value to a new PID value (e.g., PID 100 to PID 101 and/or PID
110 to 111). The romapped packet is subsaquently provided to the multiplexer 740 for transmitting along with the packet of the encrypted sftam A. The scrambler B 745 also controls the PID
comparator 720 in order to prevent packets from being transmitted until the scrambler B 745 and the remapper 750 have completed their steps, thereby maintaining proper ordering of paokets.

A partial dual-encrypted tsansport stream is then provided to the multiplexer 640 (FIG. 6) to be combined widi other partial dual-encrypted programs. The combined partial dual-enerypted transport stream is then provided to the set-tops and decrypted according to the doeryption methods (i.e., encryption method A or encryption method B) of the set-top.
Similar to the first embodiment of the present invention, muhiplexer 740 provides only a portion of the packet stream to the overall multiplexer 640 of FIG. 6. In this manner, when bandwidth becomes available in m-altiplexer 640, a signal indicating an incxease in encrypted packets is allowable is provided to rnultiplexer 740 via feedback loop 650. The multiplexer 740 then relays this information to the remapper 750 via feedback look 765, and the remapper 750 can then increase the percentage of critical packets, for example, from 2% to 6% of the packets that are considered critical.

It will be approoiated that modifications can be made to the two embodiments tbat are still within the scope of the invendon. Additionally, the present invention can be implemented using hardwara and/or soflware that are within the scope of one skilled in the att.
The embodiments of the descxiption have boen prasatied for clarification purposes; however, the invention is defined by the following claims.

What is claimed is:

IU

Claims (20)

1. A method for providing an encrypted transport stream, the method comprising the steps of:
receiving a clear stream, the clear stream including a plurality of programs, each program comprising a plurality of packets each having a packet identifier (PID), wherein at least one of the plurality of packets is designated a critical packet;
scrambling the clear stream according to a first encryption method to provide a first encryption stream;
scrambling the clear stream according to a second encryption method to provide a second encryption stream;
aligning in time the clear stream, the first encryption stream, and the second encryption stream;
after scrambling the clear stream according to the first encryption method to provide the first encryption stream and after scrambling the clear stream according to the second encryption method to provide the second encryption stream, passing packets of the clear stream through a multiplexer, wherein when the at least one critical packet is identified in the packets of the clear stream, the critical packet of the clear stream drops and the scrambled critical packets included in the first and second encryption streams pass; and multiplexing the packets of the clear stream and the critical packets of the first and second encryption streams to provide a partial dual encrypted stream.
2. The method of claim 1, the steps further comprising remapping at least one PID value associated with the second encryption stream, whereby the scrambled packets of the first and second encryption streams each have a differing PID value.
3. The method of claim 1, wherein the aligning step comprises buffering each of the clear stream, the first encryption stream, and the second encryption stream.
4. The method of claim 3, the aligning step comprising the further steps of searching the clear stream for a reference packet; and comparing the reference packet with packets in the first encryption stream and the second encryption stream, wherein the packets associated with the clear stream passes and the packets associated with the first and second encryption streams drop until the packets associated with the first and second encryption stream match the reference packet.
5. The method of claim 1, comprising the further step of demultiplexing each of the clear stream and the first and second encryption streams to provide a plurality of programs.
6. The method of claim 5, wherein a common program demultiplexed from each stream is provided to a common aligner, identifier, and remapper device.
7. A partial dual-encryption device for encrypting a clear stream, comprising:

a port for providing a first encrypted stream corresponding to the clear stream from a first scrambler;
a port for providing a second encrypted stream corresponding to the clear stream from a second scrambler, an aligner, identifier, and remapper (AIR) device coupled to each scrambler for providing a partial dual-encrypted stream, wherein the clear stream having at least one critical packet is provided to each scrambler and the AIR device, wherein, after the streams are encrypted, the AIR device aligns packets of the clear stream, the first encrypted stream, and the second encrypted stream, and wherein, upon identification of the at least one critical packet of the clear stream, provides the partial dual-encrypted stream including non-critical packets of the clear stream, a critical packet of the first encrypted stream, and a remapped critical packet of the second encrypted stream.
8. The partial dual-encryption device of claim 7, the AIR device comprising:
an aligner for aligning the packets associated with the clear stream, the first encrypted stream, and the second encrypted stream;

an identifier for identifying the at least one critical packet; and a remapper for remapping a packet identifier (PID) value associated with the second encrypted stream, the aligner comprising:
buffers for buffering the clear stream, the first encrypted stream, and the second encrypted stream; and a packet comparator for comparing a head packet associated with each stream in a buffer to determine when the buffered streams are aligned and subsequently releasing the streams for further processing.
9. The partial dual-encryption device of claim 8, the AIR device further comprising:
switches responsive to the identifier for allowing one of the packets associated with the clear stream and the packets associated with the first and second encrypted streams to pass through to a multiplexer.
10. The partial dual-encryption device of claim 7, further comprising:
a first demultiplexer coupled to the first scrambler to provide a plurality of first encrypted program streams;
a second demultiplexer coupled to the second scrambler to provide a plurality of second encrypted program streams; and a third demultiplexer for providing a plurality of clear program streams, wherein the demultiplexed program streams are provided to the AIR and processed as a common program.
11. The partial dual-encryption device of claim 10, wherein the AIR device includes a plurality of program AIR devices depending upon the number of common programs.
12. The partial dual-encryption device of claim 11, further comprising a common multiplexer for multiplexing the partial dual-encrypted stream from each of the plurality of program AIR devices.
13. The partial dual-encryption device of claim 12, wherein the common multiplexer provides feedback to each of the program AIR devices that indicates availability of bandwidth for when the number of critical packets of the first encrypted stream and the remapped critical packets of the second encrypted stream can be increased.
14. A method for transmitting an encrypted transport stream, the method comprising the steps of:
receiving a clear stream, the clear stream including a plurality of programs, each program comprising a plurality of packets each having a packet identifier (PID), wherein at least one of the plurality of packets is designated a critical packet;
scrambling with a first scrambler the clear stream according to a first encryption method to provide a first encrypted stream;
aligning in time the clear stream and the first encrypted stream;
after providing the first encryption stream, identifying the at least one critical packet associated with the clear stream, wherein prior to identification, packets associated with the clear stream pass to a multiplexer and encrypted packets associated with the first encrypted stream drop, and wherein subsequent to identification, packets associated with the clear stream pass to a second scrambler and encrypted packets associated with the first encrypted stream pass to the multiplexer, wherein the second scrambler provides a second encrypted stream to the multiplexer; and multiplexing non-critical packets associated with the clear stream and the encrypted critical packets associated with the first and second encrypted streams to provide a partial dual-encrypted stream.
15. The method of claim 14, the steps further comprising remapping the second encrypted stream to a new PID value.
16. A partial dual-encryption device, comprising:
a port for providing a first encrypted stream from a first scrambler;
an aligner, identifier, and remapper (AIR) device coupled to the scrambler for providing a partial dual-encrypted stream, wherein a clear stream having at least one critical packet is provided to the scrambler and the AIR device, wherein the AIR device aligns packets of the clear stream and the first encrypted stream, and identifies the at least one critical packet associated with the clear stream, wherein, upon identification of the at least one critical packet, provides the first stream having been previously encrypted, provides the at least one critical packet to a second scrambler, the second scrambler to provide a second encrypted stream, and wherein the AIR device provides the partial dual-encrypted stream including non-critical packets associated with the clear stream and dually-encrypted critical packets associated with the first and second encrypted streams.
17. The partial dual-encryption device of claim 16, the AIR device comprising:

an aligner for aligning the packets associated with the clear stream and the first encrypted stream;
an identifier for identifying the a critical packet associated with the clear stream;
and a first switch responsive to the identifier for providing one of the non-critical packets associated with the clear stream to a multiplexer and the critical packet associated with the clear stream to a second scrambler;
a second switch responsive to the identifier, wherein upon identification of the critical packet, the second switch for providing a first encrypted critical packet of the first encrypted stream to the multiplexer;
the second scrambler coupled to the first switch for receiving the critical packet associated with the clear stream and providing a second encrypted critical packet; and a remapper for remapping the second encrypted packet to provide a remapped encrypted critical packet.
18. The partial dual-encryption device of claim 17, the AIR device comprising:

a first demultiplexer coupled to the first scrambler to provide a plurality of first encrypted program streams; and a second demultiplexer for providing a plurality of clear program streams, wherein the demultiplexed program streams are provided to the AIR device and processed according to a common program stream.
19. The partial dual-encryption device of claim 18, wherein the AIR device includes a plurality of program AIR devices depending upon the number of common program streams.
20. The partial dual-encryption device of claim 19, further comprising a common multiplexer for multiplexing the partial dual-encrypted stream from each of the plurality of program AIR devices, wherein the common multiplexer provides feedback to each of the program AIR devices that indicates availability of bandwidth for when the number of critical packets of the first encrypted stream and the remapped encrypted critical packets of the second encrypted stream can be increased.
CA2544623A 2003-06-25 2004-06-18 Methods and apparatus for providing a partial dual-encrypted stream in a conditional access overlay system Expired - Fee Related CA2544623C (en)

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
US10/602,986 US8548166B2 (en) 1995-04-03 2003-06-25 Method for partially encrypting program data
US10/602,986 2003-06-25
US10/629,839 2003-07-30
US10/629,839 US7224798B2 (en) 1995-04-03 2003-07-30 Methods and apparatus for providing a partial dual-encrypted stream in a conditional access overlay system
PCT/US2004/019508 WO2005004458A2 (en) 2003-06-25 2004-06-18 Methods and apparatus for providing a partial dual-encrypted stream in a conditional access overlay system

Publications (2)

Publication Number Publication Date
CA2544623A1 CA2544623A1 (en) 2005-01-13
CA2544623C true CA2544623C (en) 2010-05-04

Family

ID=33568005

Family Applications (1)

Application Number Title Priority Date Filing Date
CA2544623A Expired - Fee Related CA2544623C (en) 2003-06-25 2004-06-18 Methods and apparatus for providing a partial dual-encrypted stream in a conditional access overlay system

Country Status (7)

Country Link
US (2) US7224798B2 (en)
EP (1) EP1656792B1 (en)
JP (1) JP2007526664A (en)
KR (1) KR101096975B1 (en)
CA (1) CA2544623C (en)
MX (1) MXPA05014208A (en)
WO (1) WO2005004458A2 (en)

Families Citing this family (45)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7224798B2 (en) * 1995-04-03 2007-05-29 Scientific-Atlanta, Inc. Methods and apparatus for providing a partial dual-encrypted stream in a conditional access overlay system
US8548166B2 (en) * 1995-04-03 2013-10-01 Anthony J. Wasilewski Method for partially encrypting program data
US6937729B2 (en) * 1995-04-03 2005-08-30 Scientific-Atlanta, Inc. Representing entitlements to service in a conditional access system
US7515712B2 (en) * 1997-08-01 2009-04-07 Cisco Technology, Inc. Mechanism and apparatus for encapsulation of entitlement authorization in conditional access system
US6697489B1 (en) 1999-03-30 2004-02-24 Sony Corporation Method and apparatus for securing control words
US7730300B2 (en) 1999-03-30 2010-06-01 Sony Corporation Method and apparatus for protecting the transfer of data
US7565546B2 (en) * 1999-03-30 2009-07-21 Sony Corporation System, method and apparatus for secure digital content transmission
US7039614B1 (en) 1999-11-09 2006-05-02 Sony Corporation Method for simulcrypting scrambled data to a plurality of conditional access devices
US7895616B2 (en) 2001-06-06 2011-02-22 Sony Corporation Reconstitution of program streams split across multiple packet identifiers
US7151831B2 (en) * 2001-06-06 2006-12-19 Sony Corporation Partial encryption and PID mapping
US7747853B2 (en) 2001-06-06 2010-06-29 Sony Corporation IP delivery of secure digital content
US7292690B2 (en) * 2002-01-02 2007-11-06 Sony Corporation Video scene change detection
US7292691B2 (en) * 2002-01-02 2007-11-06 Sony Corporation Progressive video refresh slice detection
US7218738B2 (en) * 2002-01-02 2007-05-15 Sony Corporation Encryption and content control in a digital broadcast system
US7823174B2 (en) 2002-01-02 2010-10-26 Sony Corporation Macro-block based content replacement by PID mapping
US7215770B2 (en) * 2002-01-02 2007-05-08 Sony Corporation System and method for partially encrypted multimedia stream
US7155012B2 (en) * 2002-01-02 2006-12-26 Sony Corporation Slice mask and moat pattern partial encryption
US7765567B2 (en) 2002-01-02 2010-07-27 Sony Corporation Content replacement by PID mapping
US8818896B2 (en) 2002-09-09 2014-08-26 Sony Corporation Selective encryption with coverage encryption
US7724907B2 (en) 2002-11-05 2010-05-25 Sony Corporation Mechanism for protecting the transfer of digital content
US8572408B2 (en) 2002-11-05 2013-10-29 Sony Corporation Digital rights management of a digital device
US8645988B2 (en) 2002-12-13 2014-02-04 Sony Corporation Content personalization for digital content
US8667525B2 (en) 2002-12-13 2014-03-04 Sony Corporation Targeted advertisement selection from a digital stream
WO2004086664A2 (en) * 2003-03-27 2004-10-07 Nds Limited Improved cfm mode system
US7853980B2 (en) 2003-10-31 2010-12-14 Sony Corporation Bi-directional indices for trick mode video-on-demand
US20050097597A1 (en) * 2003-10-31 2005-05-05 Pedlow Leo M.Jr. Hybrid storage of video on demand content
US8396216B2 (en) 2003-11-21 2013-03-12 Howard G. Pinder Partial dual-encryption using program map tables
US7490236B2 (en) * 2004-01-14 2009-02-10 Cisco Technology, Inc. Conditional access overlay partial encryption using MPEG transport continuity counter
US20060047601A1 (en) * 2004-08-25 2006-03-02 General Instrument Corporation Method and apparatus for providing channel key data
US7675872B2 (en) 2004-11-30 2010-03-09 Broadcom Corporation System, method, and apparatus for displaying pictures
US7895617B2 (en) 2004-12-15 2011-02-22 Sony Corporation Content substitution editor
US8041190B2 (en) 2004-12-15 2011-10-18 Sony Corporation System and method for the creation, synchronization and delivery of alternate content
KR101132296B1 (en) 2005-05-02 2012-04-05 엔디에스 리미티드 Native scrambling system
US20070006253A1 (en) * 2005-06-29 2007-01-04 Pinder Howard G Partial pre-encryption with network-based packet sorting
US8185921B2 (en) 2006-02-28 2012-05-22 Sony Corporation Parental control of displayed content using closed captioning
US8275132B2 (en) * 2006-05-15 2012-09-25 Buchen Neil B System and method for dynamically allocating stream identifiers in a multi-encryption transport system
US7983417B2 (en) * 2006-05-15 2011-07-19 Buchen Neil B System and method for dynamically allocating stream identifiers in a multi-encryption transport system
US7965839B2 (en) * 2008-02-19 2011-06-21 Sony Corporation Encryption system for satellite delivered television
US20090242653A1 (en) * 2008-03-27 2009-10-01 Needham Robert M Enviromentally distinctive cabin design and integrated recovery system
EP2219374A1 (en) * 2009-02-13 2010-08-18 Irdeto Access B.V. Securely providing a control word from a smartcard to a conditional access module
PT2697979T (en) * 2011-04-15 2016-12-23 Nagravision Sa Method to identify the origin of a security module in pay-tv decoder system
US9066117B2 (en) * 2012-02-08 2015-06-23 Vixs Systems, Inc Container agnostic encryption device and methods for use therewith
US9185094B2 (en) 2012-03-01 2015-11-10 Ologn Technologies Ag Systems, methods and apparatuses for the secure transmission and restricted use of media content
US9559845B2 (en) 2012-03-01 2017-01-31 Ologn Technologies Ag Systems, methods and apparatuses for the secure transmission of media content
CN111954047A (en) * 2019-05-17 2020-11-17 武汉佳世创科技有限公司 Method and device for descrambling two paths of code streams by single CAM card

Family Cites Families (146)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5742677A (en) 1995-04-03 1998-04-21 Scientific-Atlanta, Inc. Information terminal having reconfigurable memory
US6292568B1 (en) 1966-12-16 2001-09-18 Scientific-Atlanta, Inc. Representing entitlements to service in a conditional access system
US5870474A (en) * 1995-12-04 1999-02-09 Scientific-Atlanta, Inc. Method and apparatus for providing conditional access in connection-oriented, interactive networks with a multiplicity of service providers
US4150404A (en) * 1975-07-08 1979-04-17 U.S. Philips Corporation Device for transferring digital information
US4155042A (en) 1977-10-31 1979-05-15 Permut Alan R Disaster alert system
US4405829A (en) 1977-12-14 1983-09-20 Massachusetts Institute Of Technology Cryptographic communications system and method
US4862268A (en) * 1980-03-31 1989-08-29 General Instrument Corporation Addressable cable television control system with video format data transmission
US4358672A (en) 1980-05-16 1982-11-09 The Telemine Company, Inc. Pay per view television control device
USRE33808E (en) 1980-10-21 1992-01-28 Information Resources, Inc. Cable television with multi-event signal substitution
US4388643A (en) 1981-04-06 1983-06-14 Northern Telecom Limited Method of controlling scrambling and unscrambling in a pay TV system
US4694490A (en) 1981-11-03 1987-09-15 Harvey John C Signal processing apparatus and methods
USRE33189E (en) 1981-11-19 1990-03-27 Communications Satellite Corporation Security system for SSTV encryption
US4531020A (en) 1982-07-23 1985-07-23 Oak Industries Inc. Multi-layer encryption system for the broadcast of encrypted information
US4613901A (en) 1983-05-27 1986-09-23 M/A-Com Linkabit, Inc. Signal encryption and distribution system for controlling scrambling and selective remote descrambling of television signals
EP0148235B1 (en) 1983-06-30 1988-10-05 Independent Broadcasting Authority Encrypted broadcast television system
US4658093A (en) 1983-07-11 1987-04-14 Hellman Martin E Software distribution system
US4600921A (en) 1983-10-19 1986-07-15 Zenith Radio Corporation Full-field teletext system with dynamic addressability
US4649533A (en) 1983-10-25 1987-03-10 Keycom Electronic Publishing Method and apparatus for retrieving remotely located information
US4599647A (en) * 1983-11-03 1986-07-08 General Instrument Corporation Receiver with interface for interaction with controller-decoder
US4712238A (en) 1984-06-08 1987-12-08 M/A-Com Government Systems, Inc. Selective-subscription descrambling
GB2163577B (en) 1984-08-23 1988-01-13 Nat Res Dev Software protection device
JPS6181043A (en) * 1984-09-28 1986-04-24 Fujitsu Ltd Cipher processing system of packet communication
US4887296A (en) 1984-10-26 1989-12-12 Ricoh Co., Ltd. Cryptographic system for direct broadcast satellite system
US5036537A (en) 1984-11-19 1991-07-30 General Instrument Corp. Geographic black-out method for direct broadcast satellite system
US4982430A (en) 1985-04-24 1991-01-01 General Instrument Corporation Bootstrap channel security arrangement for communication network
US5018196A (en) 1985-09-04 1991-05-21 Hitachi, Ltd. Method for electronic transaction with digital signature
US4885777A (en) 1985-09-04 1989-12-05 Hitachi, Ltd. Electronic transaction system
US4718107A (en) * 1986-02-14 1988-01-05 Rca Corporation Parental control for CATV converters
US4712239A (en) 1986-06-16 1987-12-08 General Instrument Corporation Security arrangement for downloadable cable television converters
US4866770A (en) 1986-07-08 1989-09-12 Scientific Atlanta, Inc. Method and apparatus for communication of video, audio, teletext, and data to groups of decoders in a communication system
US4937866A (en) * 1986-08-13 1990-06-26 U.S. Philips Corporation System for decoding transmitted scrambled signals
US4837820A (en) * 1986-10-17 1989-06-06 Zenith Electronics Corporation Hybrid CATV scrambling system
DE3642629A1 (en) 1986-12-13 1988-06-23 Grundig Emv SYSTEM FOR PROCESSING ENCRYPTED TRANSFER INFORMATION
EP0287720B1 (en) 1987-04-22 1992-01-08 International Business Machines Corporation Management of cryptographic keys
EP0308150B1 (en) * 1987-09-14 1993-07-07 BRITISH TELECOMMUNICATIONS public limited company Method of communicating digital signals and receiver for use with such method
US4864615A (en) 1988-05-27 1989-09-05 General Instrument Corporation Reproduction of secure keys by using distributed key generation data
NL8900307A (en) 1989-02-08 1990-09-03 Philips Nv PUBLIC COMMUNICATION SYSTEM WITH DISTRIBUTED STATIONS, AND STATION AND SUBSTATIONS FOR USE IN SUCH A COMMUNICATION SYSTEM.
US5175765A (en) 1989-05-09 1992-12-29 Digital Equipment Corporation Robust data broadcast over a distributed network with malicious failures
US5151782A (en) 1989-05-17 1992-09-29 Reiss Media Enterprises Control system for satellite delivered pay-per-view television system
US5003591A (en) 1989-05-25 1991-03-26 General Instrument Corporation Functionally modifiable cable television converter system
US5081678A (en) * 1989-06-28 1992-01-14 Digital Equipment Corporation Method for utilizing an encrypted key as a key identifier in a data packet in a computer network
JP2606419B2 (en) 1989-08-07 1997-05-07 松下電器産業株式会社 Cryptographic communication system and cryptographic communication method
US5155591A (en) 1989-10-23 1992-10-13 General Instrument Corporation Method and apparatus for providing demographically targeted television commercials
US5282249A (en) 1989-11-14 1994-01-25 Michael Cohen System for controlling access to broadcast transmissions
US4993068A (en) 1989-11-27 1991-02-12 Motorola, Inc. Unforgeable personal identification system
US5237610A (en) 1990-02-01 1993-08-17 Scientific-Atlanta, Inc. Independent external security module for a digitally upgradeable television signal decoder
US5029207A (en) 1990-02-01 1991-07-02 Scientific-Atlanta, Inc. External security module for a television signal decoder
US5073935A (en) 1990-12-17 1991-12-17 Jose Pastor Method for secure communication
KR930005441B1 (en) 1991-05-03 1993-06-21 삼성전자 주식회사 Tv receivers selection control circuit
US5235643A (en) 1991-05-21 1993-08-10 Anderson Steven E Satellite receiver retuning system
FR2680589A1 (en) 1991-08-19 1993-02-26 France Telecom METHOD OF TRANSMITTING AND RECEIVING CUSTOM PROGRAMS.
US5142578A (en) 1991-08-22 1992-08-25 International Business Machines Corporation Hybrid public key algorithm/data encryption algorithm key distribution method based on control vectors
US5282248A (en) 1991-09-20 1994-01-25 Dejoy Victor P Time limited signal conduction system
US5231664A (en) * 1991-11-14 1993-07-27 Zenith Electronics Corporation Cable system having multiple barkering
US5231665A (en) 1991-11-20 1993-07-27 Zenith Electronics Corporation Cable television system having dynamic market code shuffling
US5249230A (en) 1991-11-21 1993-09-28 Motorola, Inc. Authentication system
US5565909A (en) 1992-08-31 1996-10-15 Television Computer, Inc. Method of identifying set-top receivers
US5432542A (en) 1992-08-31 1995-07-11 Television Computer, Inc. Television receiver location identification
US5402490A (en) 1992-09-01 1995-03-28 Motorola, Inc. Process for improving public key authentication
US5243652A (en) 1992-09-30 1993-09-07 Gte Laboratories Incorporated Location-sensitive remote database access control
US5418782A (en) 1992-10-30 1995-05-23 Scientific-Atlanta, Inc. Methods and apparatus for providing virtual service selection in a multi-service communications system
US5400401A (en) 1992-10-30 1995-03-21 Scientific Atlanta, Inc. System and method for transmitting a plurality of digital services
US5359601A (en) 1992-10-30 1994-10-25 Scientific-Atlanta, Inc. Apparatus providing dynamic virtual service selection in a multi-service communications system
FR2698510B1 (en) 1992-11-26 1994-12-23 Schlumberger Ind Sa Communication network.
US5341425A (en) 1992-12-02 1994-08-23 Scientific Atlanta, Inc. Methods and apparatus for uniquely encrypting data at a plurality of data transmission sites for transmission to a reception site
US5465299A (en) 1992-12-03 1995-11-07 Hitachi, Ltd. Electronic document processing system and method of forming digital signature
US5523781A (en) * 1993-02-11 1996-06-04 Precision Industries, Incorporated System for controlling television and billing for its use
US5381477A (en) 1993-02-16 1995-01-10 Scientific-Atlanta, Inc. Method of selecting cable television converter groups
FR2703552A1 (en) 1993-03-31 1994-10-07 Philips Electronics Nv Method and apparatus for scrambling and descrambling a specific television program
US5285497A (en) 1993-04-01 1994-02-08 Scientific Atlanta Methods and apparatus for scrambling and unscrambling compressed data streams
US5506904A (en) 1993-08-04 1996-04-09 Scientific-Atlanta, Inc. System and method for transmitting and receiving variable length authorization control for digital services
US5381481A (en) 1993-08-04 1995-01-10 Scientific-Atlanta, Inc. Method and apparatus for uniquely encrypting a plurality of services at a transmission site
IL106746A (en) 1993-08-19 1997-02-18 News Datacom Ltd CATV systems
IL106796A (en) * 1993-08-25 1997-11-20 Algorithmic Res Ltd Broadcast encryption
US5440633A (en) 1993-08-25 1995-08-08 International Business Machines Corporation Communication network access method and system
US5499295A (en) 1993-08-31 1996-03-12 Ericsson Inc. Method and apparatus for feature authorization and software copy protection in RF communications devices
US5585866A (en) 1993-09-09 1996-12-17 Miller; Larry Electronic television program guide schedule system and method including virtual channels
US5497422A (en) 1993-09-30 1996-03-05 Apple Computer, Inc. Message protection mechanism and graphical user interface therefor
US5343527A (en) 1993-10-27 1994-08-30 International Business Machines Corporation Hybrid encryption method and system for protecting reusable software components
US5488410A (en) 1993-10-29 1996-01-30 Telectronics Pacing Systems, Inc. System and method for disk software publishers to control disk distribution
US5481542A (en) 1993-11-10 1996-01-02 Scientific-Atlanta, Inc. Interactive information services control system
US5499294A (en) 1993-11-24 1996-03-12 The United States Of America As Represented By The Administrator Of The National Aeronautics And Space Administration Digital camera with apparatus for authentication of images produced from an image file
US5519780A (en) 1993-12-03 1996-05-21 Scientific-Atlanta, Inc. System and method for providing compressed digital teletext services and teletext support services
US5425101A (en) 1993-12-03 1995-06-13 Scientific-Atlanta, Inc. System and method for simultaneously authorizing multiple virtual channels
US5787172A (en) 1994-02-24 1998-07-28 The Merdan Group, Inc. Apparatus and method for establishing a cryptographic link between elements of a system
US5420866A (en) 1994-03-29 1995-05-30 Scientific-Atlanta, Inc. Methods for providing conditional access information to decoders in a packet-based multiplexed communications system
FR2718594B1 (en) * 1994-04-06 1996-04-26 France Telecom Method for broadcasting programs with progressive conditional access and separating the flow of information.
US5481613A (en) 1994-04-15 1996-01-02 Northern Telecom Limited Computer network cryptographic key distribution system
US5619501A (en) 1994-04-22 1997-04-08 Thomson Consumer Electronics, Inc. Conditional access filter as for a packet video signal inverse transport system
US5734589A (en) * 1995-01-31 1998-03-31 Bell Atlantic Network Services, Inc. Digital entertainment terminal with channel mapping
US5473692A (en) 1994-09-07 1995-12-05 Intel Corporation Roving software license for a hardware agent
US5557678A (en) 1994-07-18 1996-09-17 Bell Atlantic Network Services, Inc. System and method for centralized session key distribution, privacy enhanced messaging and information distribution using a split private key public cryptosystem
US5557765A (en) 1994-08-11 1996-09-17 Trusted Information Systems, Inc. System and method for data recovery
MY125706A (en) * 1994-08-19 2006-08-30 Thomson Consumer Electronics High speed signal processing smart card
US5740246A (en) 1994-12-13 1998-04-14 Mitsubishi Corporation Crypt key system
US5550984A (en) 1994-12-07 1996-08-27 Matsushita Electric Corporation Of America Security system for preventing unauthorized communications between networks by translating communications received in ip protocol to non-ip protocol to remove address and routing services information
BR9510128A (en) 1994-12-30 1997-12-30 Thomson Consumer Electronics Modem with automatic callback provisions
FR2729521A1 (en) 1995-01-17 1996-07-19 Thomson Consumer Electronics METHOD FOR PROTECTING MANAGEMENT MESSAGES OF AN ACCESS CONTROL SYSTEM AND DEVICE FOR IMPLEMENTING SAID METHOD
US5590202A (en) 1995-01-18 1996-12-31 Zenith Electronics Corporation Countdown system for conditional access module
US5568554A (en) 1995-01-31 1996-10-22 Digital Equipment Corporation Method for improving the processing and storage performance of digital signature schemes
US5559889A (en) 1995-03-31 1996-09-24 International Business Machines Corporation System and methods for data encryption using public key cryptography
US7224798B2 (en) * 1995-04-03 2007-05-29 Scientific-Atlanta, Inc. Methods and apparatus for providing a partial dual-encrypted stream in a conditional access overlay system
US6246767B1 (en) 1995-04-03 2001-06-12 Scientific-Atlanta, Inc. Source authentication of download information in a conditional access system
US6560340B1 (en) * 1995-04-03 2003-05-06 Scientific-Atlanta, Inc. Method and apparatus for geographically limiting service in a conditional access system
US8548166B2 (en) 1995-04-03 2013-10-01 Anthony J. Wasilewski Method for partially encrypting program data
US6157719A (en) 1995-04-03 2000-12-05 Scientific-Atlanta, Inc. Conditional access system
US6424717B1 (en) 1995-04-03 2002-07-23 Scientific-Atlanta, Inc. Encryption devices for use in a conditional access system
US6252964B1 (en) * 1995-04-03 2001-06-26 Scientific-Atlanta, Inc. Authorization of services in a conditional access system
US6005938A (en) 1996-12-16 1999-12-21 Scientific-Atlanta, Inc. Preventing replay attacks on digital information distributed by network service providers
US6937729B2 (en) * 1995-04-03 2005-08-30 Scientific-Atlanta, Inc. Representing entitlements to service in a conditional access system
US20040136532A1 (en) * 1995-04-03 2004-07-15 Pinder Howard G. Partial dual-encrypted stream utilizing program map tables
US6108365A (en) 1995-05-05 2000-08-22 Philip A. Rubin And Associates, Inc. GPS data access system
US5621793A (en) 1995-05-05 1997-04-15 Rubin, Bednarek & Associates, Inc. TV set top box using GPS
US5600378A (en) * 1995-05-22 1997-02-04 Scientific-Atlanta, Inc. Logical and composite channel mapping in an MPEG network
US5583939A (en) 1995-06-01 1996-12-10 Chung N. Chang Secure, swift cryptographic key exchange
US5671276A (en) 1995-07-21 1997-09-23 General Instrument Corporation Of Delaware Method and apparatus for impulse purchasing of packaged information services
US6035037A (en) * 1995-08-04 2000-03-07 Thomson Electronic Consumers, Inc. System for processing a video signal via series-connected high speed signal processing smart cards
KR0166923B1 (en) * 1995-09-18 1999-03-20 구자홍 Method and apparatus of preventing an illegal watching and copying in a digital broadcasting system
DE69630012T2 (en) 1995-10-31 2004-06-03 Koninklijke Philips Electronics N.V. DELAYED ACCESS
US6067564A (en) * 1995-10-31 2000-05-23 Sanyo Electric Co., Ltd. Pay broadcasting receiver apparatus
US5764770A (en) 1995-11-07 1998-06-09 Trimble Navigation Limited Image authentication patterning
US5680458A (en) 1995-11-14 1997-10-21 Microsoft Corporation Root key compromise recovery
US5675649A (en) 1995-11-30 1997-10-07 Electronic Data Systems Corporation Process for cryptographic key generation and safekeeping
US5857020A (en) 1995-12-04 1999-01-05 Northern Telecom Ltd. Timed availability of secured content provisioned on a storage medium
JP2000502857A (en) 1995-12-29 2000-03-07 サイエンティフィック―アトランタ・インコーポレーテッド Method and apparatus for providing conditional access in a connection-oriented two-way network with multiple service providers
US5870475A (en) * 1996-01-19 1999-02-09 Northern Telecom Limited Facilitating secure communications in a distribution network
US5828419A (en) 1996-02-29 1998-10-27 Hughes Electronics Method and apparatus for generating television program guides utilizing icons
US5969748A (en) 1996-05-29 1999-10-19 Starsight Telecast, Inc. Television schedule system with access control
US5862220A (en) 1996-06-03 1999-01-19 Webtv Networks, Inc. Method and apparatus for using network address information to improve the performance of network transactions
US6041123A (en) * 1996-07-01 2000-03-21 Allsoft Distributing Incorporated Centralized secure communications system
US5793427A (en) * 1996-10-11 1998-08-11 Divicom Inc. Processing system with delta-based video data encoding
US5907619A (en) * 1996-12-20 1999-05-25 Intel Corporation Secure compressed imaging
US5920626A (en) 1996-12-20 1999-07-06 Scientific-Atlanta, Inc. Analog/digital system for television services
WO1999007145A1 (en) 1997-08-01 1999-02-11 Scientific-Atlanta, Inc. Verification of the source of program of information in a conditional access system
JP2003521718A (en) 1997-08-01 2003-07-15 サイエンティフィック−アトランタ, インコーポレイテッド Source authentication of download information in conditional access system
US7515712B2 (en) * 1997-08-01 2009-04-07 Cisco Technology, Inc. Mechanism and apparatus for encapsulation of entitlement authorization in conditional access system
US7039614B1 (en) 1999-11-09 2006-05-02 Sony Corporation Method for simulcrypting scrambled data to a plurality of conditional access devices
US7216358B1 (en) * 1999-11-19 2007-05-08 Smardtv Sa Digital television conditional access methods and apparatus with multiple data transport mechanism
JP2002271322A (en) * 2001-03-13 2002-09-20 Mitsubishi Electric Corp Scrambling method, transmitter/receiver and receiver using that method
US7151831B2 (en) * 2001-06-06 2006-12-19 Sony Corporation Partial encryption and PID mapping
US7895616B2 (en) 2001-06-06 2011-02-22 Sony Corporation Reconstitution of program streams split across multiple packet identifiers
US7092616B2 (en) 2001-07-19 2006-08-15 Sony Electronics Inc. Method and apparatus for copy protecting video content and producing a reduced quality reproduction of video content for personal use
JP4000809B2 (en) * 2001-10-10 2007-10-31 ソニー株式会社 Encryption / decryption device
US7376233B2 (en) * 2002-01-02 2008-05-20 Sony Corporation Video slice and active region based multiple partial encryption
US8396216B2 (en) * 2003-11-21 2013-03-12 Howard G. Pinder Partial dual-encryption using program map tables
US7490236B2 (en) * 2004-01-14 2009-02-10 Cisco Technology, Inc. Conditional access overlay partial encryption using MPEG transport continuity counter

Also Published As

Publication number Publication date
WO2005004458A2 (en) 2005-01-13
JP2007526664A (en) 2007-09-13
US20040139337A1 (en) 2004-07-15
KR101096975B1 (en) 2011-12-20
EP1656792B1 (en) 2013-08-14
EP1656792A4 (en) 2010-03-17
CA2544623A1 (en) 2005-01-13
EP1656792A2 (en) 2006-05-17
KR20060073894A (en) 2006-06-29
US20070286417A1 (en) 2007-12-13
US7805399B2 (en) 2010-09-28
WO2005004458A3 (en) 2006-05-18
US7224798B2 (en) 2007-05-29
MXPA05014208A (en) 2006-03-13

Similar Documents

Publication Publication Date Title
CA2544623C (en) Methods and apparatus for providing a partial dual-encrypted stream in a conditional access overlay system
CA2530276C (en) A partial dual-encrypted stream utilizing program map tables
US8396216B2 (en) Partial dual-encryption using program map tables
EP1709805B1 (en) Conditional access overlay partial encryption using mpeg transport continuity counter
CA2606395C (en) Processing an mpeg elementary stream in a conditional access overlay environment
KR100952800B1 (en) Partial encryption and pid mapping
KR100993456B1 (en) Apparatus for partial duplicate and partial encryption for packets, appratus for decryption for packets, method of partial duplicating and partial encrypting packets, method of decrypting packets, and computer readable storing medium
KR100952820B1 (en) Partial encryption and pid mapping
KR100952799B1 (en) Decoding and decryption of partially encrypted information
KR20040068994A (en) Elementary stream partial encryption
KR100924053B1 (en) Critical packet partial encryption

Legal Events

Date Code Title Description
EEER Examination request
MKLA Lapsed

Effective date: 20180618