WO1986007224A1 - Method and apparatus for scrambling and descrambling television signals - Google Patents

Method and apparatus for scrambling and descrambling television signals Download PDF

Info

Publication number
WO1986007224A1
WO1986007224A1 PCT/US1986/000801 US8600801W WO8607224A1 WO 1986007224 A1 WO1986007224 A1 WO 1986007224A1 US 8600801 W US8600801 W US 8600801W WO 8607224 A1 WO8607224 A1 WO 8607224A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
encrypted
code
encryption key
descrambling
Prior art date
Application number
PCT/US1986/000801
Other languages
French (fr)
Inventor
Keith Lucas
Original Assignee
Scientific Atlanta, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Scientific Atlanta, Inc. filed Critical Scientific Atlanta, Inc.
Publication of WO1986007224A1 publication Critical patent/WO1986007224A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891Revocation or update of secret information, e.g. encryption key update or rekeying
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/23Processing of content or additional data; Elementary server operations; Server middleware
    • H04N21/234Processing of video elementary streams, e.g. splicing of video streams, manipulating MPEG-4 scene graphs
    • H04N21/2347Processing of video elementary streams, e.g. splicing of video streams, manipulating MPEG-4 scene graphs involving video stream encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/266Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
    • H04N21/26606Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing entitlement messages, e.g. Entitlement Control Message [ECM] or Entitlement Management Message [EMM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/44Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream, rendering scenes according to MPEG-4 scene graphs
    • H04N21/4405Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream, rendering scenes according to MPEG-4 scene graphs involving video stream decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00Television systems
    • H04N7/16Analogue secrecy systems; Analogue subscription systems
    • H04N7/167Systems rendering the television signal unintelligible and subsequently intelligible
    • H04N7/1675Providing digital key or authorisation information for generation or regeneration of the scrambling sequence

Definitions

  • the present invention relates generally to the field of communication systems and, more particularly, is directed to a method and apparatus for scrambling and descrambling television signals in a subscription television system.
  • the active line period includes one signal which simultaneously represents the instantaneous values of three independent color components.
  • the method by which the three color components are coded into one signal is standardized throughout North America, Canada and Japan. This method is known as the NTSC standard.
  • Alternative standards known as PAL and SECAM have been adopted in other countries but these standards have the same basic format as the NTSC standard, including a line blanking interval and an active line period in each scan line.
  • analogue video signals which are particularly adapted for transmission by satellite and cable, and which lead to improved picture quality in comparison with existing standards, are presently being studied. Such signals are of particular importance to the subscription television field and are based on a time multiplex of the three independent color components during the active line periods of the scan line. Instead of coding the three components into one signal using the NTSC, PAL or SECAM - standard, the components are converted to digital form and sent sequentially using a time- compression technique.
  • MAC Multiplexed Analogue Components
  • Signals generated by a time compression technique also adhere to the same basic format as the NTSC, PAL and SECAM standards, including the presence of a line blanking interval and an active line period in each scan line.
  • the audio portion of the signal may be converted to digital form and transmitted during the line blanking int erval as digi tal da ta.
  • the line blanking interval is ofter referred to as the "data channel" and can include several multiplexed data signals.
  • the color components, audio signals and any signals in the data channel can be collectively referred to as the intelligence portion of the television signal.
  • scrambling a television signal selected parameters of the ana ⁇ logue video components of the signal are modified in accordance with pseudo-random scrambling codes.
  • the codes can be signaled to the television receiver in the data channel of the signal and are used by a decoder at the receiver to descramble the video components for reconstruction to the appropriate format for viewing.
  • the data channel may also be securely encrypted to further frustrate reception of the signal by unauthorized persons.
  • Encryption and decryption are applied to digital data signals and scrambling and descrambling are applied to analogue signals. This distinction is drawn because of the fundamental difference between digital and analogue signals. Digital signals are defined at the bit level where each bit is independent of its neighboring bits. Any encoding, transformation or inversion of the data bits which make up the signal does not affect the signal's transmission characteristics at the bit level.
  • an encrypted digital signal contains all of the information present in the original signal and may be precisely restored to the original signal by decryption.
  • Analogue signals cannot be modified or changed without affecting their transmission characteristics. For example, changing the value of a point on the waveform of an ana ⁇ logue signal without reference to neighboring points on the waveform increases the bandwidth of the signal. Thus, the modified signal requires a wider bandwidth for accurate transmission. Therefore when scrambling an analogue signal, parameters must be selected which result in the least amount of change in transmission characteristics of the signal. Numerous methods may be used to scramble a television signal by modifying the analogue color components of the signal.
  • Such methods include modifying the amplitude of the color components, modifying the time at which the color components are transmitted and modifying both the amplitude and transmission time of the color com ⁇ ponents.
  • Each modification is, of course, done in accordance with a prescribed pattern which may be transmitted to the receiver in the data channel of the television signal.
  • An example of scrambling a tel ⁇ evision signal by modifying the time at which the color components are transmitted is disclosed in commonly assigned U.S. Patent Appli ⁇ cation Serial No. 507,765 entitled “Encryption and Decryption (Scram ⁇ bling and Descrambling) of Video Signals" filed June 24, 1983. Said application is incorporated herein by reference.
  • the color components could also be encrypted while being converted to digital form for time-compressed transmission, as for example in a MAC television signal.
  • Such an encryption method is disclosed in commonly assigned U.S. Patent Application Serial No. 736 J01 entitled “Method and Apparatus for Creating Encrypted and Decrypted Television Signals” filed May 21, 1985. This application is also incorporated herein by reference.
  • the audio component of the television signal can be scrambled in its analogue form or can be converted to digital form, encrypted and transmitted in the data channel.
  • the bit configuration of the digital data signal to be encrypted is modified according to a pattern which is determined at the transmitter.
  • the pattern generally is a member of a large class of similar patterns such that discovery of the pattern through exhaustive search Is extremely unlikely.
  • a precise description of the pattern used for encryption is delivered to a decoder in desig ⁇ nated receivers which then is able to recover the original distribution.
  • the description of the pattern is known in the art as the "encryption key” and the process of informing designated users of the encryption key, or more appropriately the “decryption key,” is known as "key distribution.”
  • the decryption key is derived from the encryption key and permits the encrypted information to be returned to its original form.
  • the decryption key i.e., the reverse of the encryption key
  • the decryption key for decrypting the channel must be com mon to all users.
  • Use of a common decryption key requires that means be provided to prevent circulation of the decryption key to those who are not subscribers to the system or to subscribers who are not presently in good standing.
  • an object of the present invention to provide a method and apparatus for securely scrambling a television signal.
  • ⁇ common decryption must be distributed in such a manner that unauthorized recipients cannot receive the key.
  • One such way of providing this security is to change the decryption key at short intervals (say for exa m ple, every minute), thereby forci ng an unauthorized user of the service to maintain a permanent link with an authorized user so that he may continuously receive the upda t ed decryption key.
  • a second way of fouling unauthorized reception of the decryption key is to perform a secondary encryption of the decryption key and to integrate the decryption key acquisition system at the receiver with data channel decryption in a single device which is dif ⁇ ficult to copy.
  • the method and apparatus for securely scrambling a television signal in accordance with the present invention comprises a three-tier encryption technique.
  • a distribution key is used to encrypt a session key.
  • the distribution key is unique for each subscriber and is held constant for long periods of time.
  • the session key is changed periodically, as for example, weekly or monthly.
  • the encrypted session key is then transmitted in the digital data channel of the television signal.
  • the session key is also used to encrypt a descramble code.
  • the descramble code includes a plurality of keys which are used in the receiver to descramble or decrypt various signals in the receiver, such as the scrambled video components and/or audio signals.
  • the descramble code is also changed periodically, e.g., four times per second in order to provide additional security.
  • the encrypted descramble code is then transmitted in the data channel of the television signal.
  • the encrypted session key is decrypted by a distribution key so that the session key can be used to dec : the encrypted descramble code.
  • the descramble code may then be .ed to descramble or decrypt other signals in the receiver, such as the scram ⁇ bled video components and/or audio signals.
  • a validation code is also transmitted in the data channel of the television signal.
  • the validation code received by the receiver is compared to a locally derived validation code which is developed from the decrypted session key.
  • the decrypted session key is permitted to decrypt the descram ble code.
  • the decrypted descramble code may then be used to decrypt and/or descramble other signals in the receiver.
  • Figures 1 and 2 are graphical representations of a line scanned television signal.
  • Figure 3 is a block diagram of one embodiment of a system for encrypting the code used to descramble and/or decrypt the intelligence portion of a television signal in accordance with the present invention.
  • Figure 4 is a block diagram of one embodiment of a system for decrypting the code used to descramble and/or decrypt the intelligence portion of a television signal in accordance with the present invention.
  • Figures 5, 6 and 7 are block diagrams of other embodiments of a system for decrypting the code used to descramble and/or decrypt the intelligence portion of a television signal in accordance with the present invention.
  • Figure 8 is a block diagram of one- example of a subscription television decoder. DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS
  • Figures 3 and 4 are block diagrams of one embodiment of a system for scrambling television signals in accordance with the present invention.
  • Figure 3 illustrates encryption at the transmitter end and
  • Figure 4 illustrates decryption at the receiver end.
  • a session key 30 is encrypted in block 33 with a distribution key 32.
  • the distribution key is unique for each subscriber and is held constant for long periods of time.
  • the session key is changed at predetermined intervals, e.g., weekly or monthly.
  • the encrypted session key is then transmitted in the digital data channel of the television signal.
  • the session key is also used to encrypt a descrambling code 31.
  • the descrambling code includes keys for descrambling and/or decrypting various signals in the receiver.
  • These signals may include the scrambled video components of the tele ⁇ vision signal, scrambled or encrypted audio signals and/or other signals which may require descrambling or decryption at the receiver.
  • the encrypted descrambling code is also transmitted in the digital data channel of the television signal.
  • the descrambling code may also be regularly updated, e.g., four times per second, in order to provide fur ⁇ ther security.
  • block 40 represents the received digital data channel of the television signal which includes the encrypted session key and the encrypted descrambling code as shown in Figure 3.
  • the encrypted session key is provided to block 43 along with a distribution key 41.
  • the distribution key is assigned to sub ⁇ scribers in return for a paid subscription to the system.
  • the key is unique to each individual subscriber, or is part of a set of keys large enough to prevent key swapping.
  • Distribution key 41 may be the same as or derived from distribution key 32 shown in Figure 3.
  • the encrypted session key is transmitted in the data channel by the televi ⁇ sion transmitter individually for each distribution key 41 in use.
  • Distribution key 41 is fixed for long periods of time and is maintained secret from the subscriber.
  • One such way of maintaining the distribution key in confidence is to build it inside a custom inte ⁇ grated circuit as indicated by reference No. 42 which also executes session key decryption as shown in block 43.
  • the digital bit pattern of the distribution key is also made long enough to prevent its dis ⁇ covery through exhaustive search.
  • the encrypted session key is decrypted in block 43 by the distribution key and is supplied to block 44 along with the encrypted descrambling code from the data channel.
  • the descrambling code is decrypted in block 44 by the now decrypted session key and is then available for descrambling or decrypting other signals such as the analogue color components of the television signal as shown in block 45, the audio portion of the televi ⁇ sion signal as shown in block 46 and any other signals in the receiver which may require descrambling or decryption as shown in block 47.
  • the present invention provides three tiers of encryption and decryption before the scrambled or encrypted signal is returned to its original form.
  • Figure 5 is a further embodiment of the present invention with respect to decryption at the receiver end. Similar reference numbers are used to identify corresponding elements shown in Fiugre 4.
  • the audio portion of the television signal is encrypted and transmitted in the data channel.
  • the audio and descramble code are decrypted in block 44 using the decrypted session key from block 43 as described above.
  • FIG. 6 A further embodiment of the present invention with respect to decryption at the receiver end is shown , in Figure 6.
  • only one encrypted session key is transmitted to all users. All users employ the same distribution key D but its derivation for each subscriber is unique.
  • the distribution key D is derived from a fixed key K and a subscriber code C.
  • Block 50 represents the received digital data channel of the television signal which includes the encrypted session key and the encrypted video descramble code.
  • the encrypted session key is provided to block 54 where the fixed key K is maintained secret.
  • the subscriber code C from block 51 is also unique to the subscriber and is entered manually by the subscriber.
  • the distribution key D can be changed at infrequent intervals by updating the manual input code C.
  • Distribution key D is derived from fixed key K and subscriber code C in block 52.
  • the encrypted session key is thus decrypted in block 54 by the derived distribution key D and is supplied to block 55 along with the encrypted descrambling code from the data channel.
  • the descrambling code is decrypted in block 55 by the now decrypted session key and is then available for descrambling or decrypting signals in the receiver as represented by blocks 56, 57 and 58.
  • FIG. 7 A further embodiment of the present invention with respect to decryption at the receiver end is shown in Figure 7.
  • the data channel of the signal includes the encrypted ses ⁇ sion key, a unique validation code based on the decoder's address or serial number and the encrypted descrambling code.
  • the session key is provided to block 62 where it is decrypted by a distribution key from block 61.
  • the decrypted encryption key is then provided to block 64 where a unique 32 bit internal validation code is derived based on the session key and the address or serial number of the decoder.
  • the derived validation code is compared to the validation code transmitted in the data channel and if the two match, a logic signal is provided to AND gate 66.
  • AND gate 66 allows the decrypted session keys from block 62 to pass through to block 67 only when the derived internal validation code matches the validation code transmitted in the data channel. The session key may then be used by block 67 to decrypt the descrambling code.
  • every session is 30 seconds in duration and within this period, every decoder decrypts the session key for the next session.
  • the session key is derived within a custom integrated circuit as indicated by reference number 62 in Figure 7 which is very difficult to copy.
  • the session key currently being used to decrypt the video descrambling codes in the data channel is also employed to derive the internal validation code. Single-bit error correction is applied to the received validation codes which are 32-bits in length (sufficient to address up to 4 billion decoders).
  • the session key is released from the custom IC only if an appropriate validation code has been received some time during the last 7 hours of operation on any particular television channel.
  • the validation codes (with error correction bits) comprise a 39 bit word, these being transmitted in a 250 Kb/s channel. Twenty mil ⁇ lion receivers are thereby addressable within each 52 minute period. Over a period of 7 hours, each decoder will be validat ed on 8 separate occasions with a single-error corrected code. With a BER of 10-2, failure of validation at each attempt would occur with probability 0.044. Failure on all eight attempts would occur with a probability 1.4 x 10-11 (MTBF 100 million years).
  • validation codes are that (unlike session keys) they can be received incorrectly for much of the time without affecting service to the customer. Therefore they do not require extensive error correction.
  • the address cycle time is 26 minutes. If most decoders were operating at 10-3 BER, then 99.95% of the decoders would be validated within the normal transmission time of a typical TV program.
  • the television receiver should automatically switch between commonly used channels to gather validation codes when in standby operation.
  • standby operation is not a mandatory requirement provided that session counts (since the last validation) are stored (within the secure IC) in non- violatile memory, and that the receiver is operational for at least one continuous period of 52 minutes during each 7 hour period of use.
  • the receiver can keep track of operational periods and e xtend the 7 hour limi t to an arbitrary maximum to ensure a predetermined probability of receiving a validation code.
  • the receiver could issue messages (via teletext display) requesting a period of operation or standby mode when (according to its counters) only one hour of validation remains.
  • the receiver need not turn off the service completely, i.e., stop descrambling the signal, but, instead, initiate a period of decreasing service, as for example, starting with several hours of monochrome reception.
  • the function of the validation codes is to allow the receiver to 'form a view' concerning the validity of reception for each of the channels in use.
  • the receiver should act intelligently to gather the necessary evidence for its decision, and take action only when sufficient evidence is at hand. In the embodiment shown in Figure 7, within 10 seconds of being switched on (or immediately if in standby mode) the security device has decrypted the session key for the next session.
  • any device designed to deliver session keys, with or without validation, must make use of the distribution keys D (presumably acquired by breaking into one of the security devices). If pirate receivers are discovered which contain particular distribution keys, the corresponding session key encryptions may be excluded from the key distribution channel on condition that all other decoders are left with at least at one key (D) capable of decrypting session keys. This can be arranged by providing each decoder with four keys selected from the 3,000, no two decoders having the same set of four keys. There are 3.3 x 10---2 ways of selecting four differ ⁇ ent keys from 3,000.
  • a scrambled MAC television signal first enters a multiplexer 300, which separates from it the luminance and chrominance signals (i.e., the color components), as well as the audio, synchronization, timing and any teletext information.
  • the luminance signal is delivered to luminance store 302, a CCD line store, where it is decompressed, and then to low-pass filter 304, where it is filtered.
  • the analog luminance signal then goes to output interface 306.
  • the sampling signals necessary to decompress luminance are produced in timing generator 308 and supplied to luminance store 302 by two clock drivers 310.
  • the chrominance signal from demultiplexer 300 is also decom ⁇ pressed in chrominance store 312, which is also a CCD line store. Separate outputs are provided for the two color difference signals, which are filtered in two low-pass filters 314 and then supplied to output interface 306. The necessary sampling signals are supplied to chrominance store 312 from timing generator 308 through three clock drivers 310.
  • Signals not constituting luminance or chrominance are also separated from the MAC television signal by demultiplexer 300.
  • These signals include audio, teletext and synchronization signals which are delivered to demultiplexer 316 through one of two low-pass filters 318; while the fixed-frequency ti mi ng infor mation is delivered to demultiplexer 316 through band-pass filter 320.
  • Demultiplexer 316 separates these signals, supplying the audio to audio demultiplexer 322 and the synchronization and timing signals to clock and synchronization recovery circuit 324 and timing generator 308.
  • Audio information from de m ulti plexer 316 is separated into four cha nnels i n a ud i o demultiplexer 322 and output by analog audio processor 326.
  • Teletext information is sent to character generator 328 via clock and synchro ⁇ nization recovery circuitry 324.
  • Decoder operations are under the con ⁇ trol of microprocessor 330, which communicates with clock and syn ⁇ chronization recovery circuit 324, teletext character generator 328, and RAM 332 over bidirectional buses 334, 336 and 338.
  • Output interface 306 receives teletext characters from character generator 326, luminance from low-pass filter 304, chrominance from low-pass filters 314, and timing signals from timing generator 308. Its output is a standard NTSC color television signal for display on a tele ⁇ vision receiver.

Abstract

A method and apparatus for descrambling a television signal using a three tier encryption technique for the code used to descramble the signal. At the transmitter, a distribution key (41) is used to encrypt a session key. The encrypted session key (40.1) is transmitted in the digital data channel (40) of the television signal. The session key is also used to encrypt the descramble code (40.2) which is also transmitted in the data channel (40) of the television signal. At the receiver (42) the encrypted session key (43) is decrypted using a distribution key (41). The decrypted session key (43), is in turn used to decrypt the descramble code (44). The descramble code may then be used to descramble and/or decrypt other signals (45, 46, 47) in the receiver.

Description

METHOD AND APPARATUS FOR SCRAMBLING AND DESCRAMBLING TELEVISION SIGNALS
BACKGROUND OF THE INVENTION
The present invention relates generally to the field of communication systems and, more particularly, is directed to a method and apparatus for scrambling and descrambling television signals in a subscription television system.
Subscription television systems have gained widespread acceptance as an efficient way of providing a vast selection of infor¬ mation and entertainment programming to the public. However, the cost of a good quality system is high. Thus, care must be taken to ensure an adequate financial return to the broadcaster for maintenance of the system. Toward that end, many broadcasters have turned to scrambling the broadcast signal to induce payment from those desiring the service. Only subscribers to the system are provided with a decoder for descrambling the signal. Moreover, many decoders are designed so that the signal is descrambled only when the subscriber's account is in good standing.
Many scrambling methods and apparatus rely on the fact that television signals are produced and displayed as a result of a line scanning process. . The picture information is scanned using a progres¬ sive series of horizontal lines which are transmitted sequentially in ti me. The transmitted signal is a continuous analogue of the brightness intensity corresponding to each point of the line. Such a signal is shown in Figure 1 from which it may be seen that in a series of standard lines, any two adjacent active line periods (periods during which video information is transmitted) are separated by a period in which no video information is transmitted. This latter period is known as the horizontal line blanking interval and is introduced to allow the scanning device in the television receiver to reset to the line-start position.
In typical color television signals, the active line period includes one signal which simultaneously represents the instantaneous values of three independent color components. The method by which the three color components are coded into one signal is standardized throughout North America, Canada and Japan. This method is known as the NTSC standard. Alternative standards known as PAL and SECAM have been adopted in other countries but these standards have the same basic format as the NTSC standard, including a line blanking interval and an active line period in each scan line.
Other types of analogue video signals which are particularly adapted for transmission by satellite and cable, and which lead to improved picture quality in comparison with existing standards, are presently being studied. Such signals are of particular importance to the subscription television field and are based on a time multiplex of the three independent color components during the active line periods of the scan line. Instead of coding the three components into one signal using the NTSC, PAL or SECAM - standard, the components are converted to digital form and sent sequentially using a time- compression technique. One version of this type of signal is known as Multiplexed Analogue Components (MAC). Signals generated by a time compression technique also adhere to the same basic format as the NTSC, PAL and SECAM standards, including the presence of a line blanking interval and an active line period in each scan line. When a MAC signal is employed, digital data may be transmitted during the line blanking interval as shown by the dotted lines in Figure 2. Thus, the audio portion of the signal may be converted to digital form and transmitted during the line blanking int erval as digi tal da ta. Accordingly, the line blanking interval is ofter referred to as the "data channel" and can include several multiplexed data signals. The color components, audio signals and any signals in the data channel can be collectively referred to as the intelligence portion of the television signal.
In scrambling a television signal, selected parameters of the ana¬ logue video components of the signal are modified in accordance with pseudo-random scrambling codes. The codes can be signaled to the television receiver in the data channel of the signal and are used by a decoder at the receiver to descramble the video components for reconstruction to the appropriate format for viewing. The data channel may also be securely encrypted to further frustrate reception of the signal by unauthorized persons.
Though the terms ''encryption" and "scrambling," and their converse "decryption " an d "descra m bl ing," ar e o f t en us ed interchangeably, there is a distinction between them. Encryption and decryption are applied to digital data signals and scrambling and descrambling are applied to analogue signals. This distinction is drawn because of the fundamental difference between digital and analogue signals. Digital signals are defined at the bit level where each bit is independent of its neighboring bits. Any encoding, transformation or inversion of the data bits which make up the signal does not affect the signal's transmission characteristics at the bit level. Thus, an encrypted digital signal contains all of the information present in the original signal and may be precisely restored to the original signal by decryption. Analogue signals, on the other hand, cannot be modified or changed without affecting their transmission characteristics. For example, changing the value of a point on the waveform of an ana¬ logue signal without reference to neighboring points on the waveform increases the bandwidth of the signal. Thus, the modified signal requires a wider bandwidth for accurate transmission. Therefore when scrambling an analogue signal, parameters must be selected which result in the least amount of change in transmission characteristics of the signal. Numerous methods may be used to scramble a television signal by modifying the analogue color components of the signal. Such methods include modifying the amplitude of the color components, modifying the time at which the color components are transmitted and modifying both the amplitude and transmission time of the color com¬ ponents. Each modification is, of course, done in accordance with a prescribed pattern which may be transmitted to the receiver in the data channel of the television signal. An example of scrambling a tel¬ evision signal by modifying the time at which the color components are transmitted is disclosed in commonly assigned U.S. Patent Appli¬ cation Serial No. 507,765 entitled "Encryption and Decryption (Scram¬ bling and Descrambling) of Video Signals" filed June 24, 1983. Said application is incorporated herein by reference. The color components could also be encrypted while being converted to digital form for time-compressed transmission, as for example in a MAC television signal. Such an encryption method is disclosed in commonly assigned U.S. Patent Application Serial No. 736 J01 entitled "Method and Apparatus for Creating Encrypted and Decrypted Television Signals" filed May 21, 1985. This application is also incorporated herein by reference. Moreover, the audio component of the television signal can be scrambled in its analogue form or can be converted to digital form, encrypted and transmitted in the data channel.
In typical encryption systems, the bit configuration of the digital data signal to be encrypted is modified according to a pattern which is determined at the transmitter. The pattern generally is a member of a large class of similar patterns such that discovery of the pattern through exhaustive search Is extremely unlikely. A precise description of the pattern used for encryption is delivered to a decoder in desig¬ nated receivers which then is able to recover the original distribution. The description of the pattern is known in the art as the "encryption key" and the process of informing designated users of the encryption key, or more appropriately the "decryption key," is known as "key distribution." The decryption key is derived from the encryption key and permits the encrypted information to be returned to its original form.
Numerous encryption codes are available in the art for the secure encryption of digital data. Integrated circuit devices presently exist for certain algorithms which execute high speed encryption and decryption sufficient for the data channel of a television signal. One such algorithm which has gained acceptance as being difficult to break is the Data Encryption Standard (DES) adopted by the U.S. National Bureau of Standards. Other algorithms are also available, the only requirement being that the data channel be essentially impossible to decrypt in the absence of the decryption key.
Since an encrypted data channel containing descrambling codes for the color components of a television signal, and perhaps audio information as well, is ususally encrypted in only one way, the decryption key (i.e., the reverse of the encryption key) for decrypting the channel must be com mon to all users. Use of a common decryption key, however, requires that means be provided to prevent circulation of the decryption key to those who are not subscribers to the system or to subscribers who are not presently in good standing. SUMMARY OF THE INVENTION
It is, therefore, an object of the present invention to provide a method and apparatus for securely scrambling a television signal.
It is a further object of the present invention to encrypt the scrambling codes used to scramble a television signal in a manner that cannot be detected by unauthorized recipients of the television signal.
The use of ά common decryption must be distributed in such a manner that unauthorized recipients cannot receive the key. One such way of providing this security is to change the decryption key at short intervals (say for exa m ple, every minute), thereby forci ng an unauthorized user of the service to maintain a permanent link with an authorized user so that he may continuously receive the upda t ed decryption key. A second way of fouling unauthorized reception of the decryption key is to perform a secondary encryption of the decryption key and to integrate the decryption key acquisition system at the receiver with data channel decryption in a single device which is dif¬ ficult to copy.
The method and apparatus for securely scrambling a television signal in accordance with the present invention comprises a three-tier encryption technique. At the television transmitter, a distribution key is used to encrypt a session key. The distribution key is unique for each subscriber and is held constant for long periods of time. The session key, however, is changed periodically, as for example, weekly or monthly. The encrypted session key is then transmitted in the digital data channel of the television signal. The session key is also used to encrypt a descramble code. The descramble code includes a plurality of keys which are used in the receiver to descramble or decrypt various signals in the receiver, such as the scrambled video components and/or audio signals. The descramble code is also changed periodically, e.g., four times per second in order to provide additional security. The encrypted descramble code is then transmitted in the data channel of the television signal.
At the receiver, the encrypted session key is decrypted by a distribution key so that the session key can be used to dec : the encrypted descramble code. The descramble code may then be .ed to descramble or decrypt other signals in the receiver, such as the scram¬ bled video components and/or audio signals.
In another embodiment of the present invention, a validation code is also transmitted in the data channel of the television signal. The validation code received by the receiver is compared to a locally derived validation code which is developed from the decrypted session key. When the two validation codes match, the decrypted session key is permitted to decrypt the descram ble code. The decrypted descramble code may then be used to decrypt and/or descramble other signals in the receiver. BRIEF DESCRIPTION OF THE DRAWINGS
Figures 1 and 2 are graphical representations of a line scanned television signal.
Figure 3 is a block diagram of one embodiment of a system for encrypting the code used to descramble and/or decrypt the intelligence portion of a television signal in accordance with the present invention.
Figure 4 is a block diagram of one embodiment of a system for decrypting the code used to descramble and/or decrypt the intelligence portion of a television signal in accordance with the present invention.
Figures 5, 6 and 7 are block diagrams of other embodiments of a system for decrypting the code used to descramble and/or decrypt the intelligence portion of a television signal in accordance with the present invention.
Figure 8 is a block diagram of one- example of a subscription television decoder. DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS
Figures 3 and 4 are block diagrams of one embodiment of a system for scrambling television signals in accordance with the present invention. Figure 3 illustrates encryption at the transmitter end and Figure 4 illustrates decryption at the receiver end. As shown in Figure 3, a session key 30 is encrypted in block 33 with a distribution key 32. The distribution key is unique for each subscriber and is held constant for long periods of time. The session key, on the other hand, is changed at predetermined intervals, e.g., weekly or monthly. The encrypted session key is then transmitted in the digital data channel of the television signal. The session key is also used to encrypt a descrambling code 31. The descrambling code includes keys for descrambling and/or decrypting various signals in the receiver. These signals may include the scrambled video components of the tele¬ vision signal, scrambled or encrypted audio signals and/or other signals which may require descrambling or decryption at the receiver. The encrypted descrambling code is also transmitted in the digital data channel of the television signal. The descrambling code may also be regularly updated, e.g., four times per second, in order to provide fur¬ ther security.
With respect to Figure 4, block 40 represents the received digital data channel of the television signal which includes the encrypted session key and the encrypted descrambling code as shown in Figure 3. The encrypted session key is provided to block 43 along with a distribution key 41. The distribution key is assigned to sub¬ scribers in return for a paid subscription to the system. The key is unique to each individual subscriber, or is part of a set of keys large enough to prevent key swapping. Distribution key 41 may be the same as or derived from distribution key 32 shown in Figure 3. The encrypted session key is transmitted in the data channel by the televi¬ sion transmitter individually for each distribution key 41 in use.
Distribution key 41 is fixed for long periods of time and is maintained secret from the subscriber. One such way of maintaining the distribution key in confidence is to build it inside a custom inte¬ grated circuit as indicated by reference No. 42 which also executes session key decryption as shown in block 43. The digital bit pattern of the distribution key is also made long enough to prevent its dis¬ covery through exhaustive search. The encrypted session key is decrypted in block 43 by the distribution key and is supplied to block 44 along with the encrypted descrambling code from the data channel. The descrambling code is decrypted in block 44 by the now decrypted session key and is then available for descrambling or decrypting other signals such as the analogue color components of the television signal as shown in block 45, the audio portion of the televi¬ sion signal as shown in block 46 and any other signals in the receiver which may require descrambling or decryption as shown in block 47. Thus, the present invention provides three tiers of encryption and decryption before the scrambled or encrypted signal is returned to its original form. Figure 5 is a further embodiment of the present invention with respect to decryption at the receiver end. Similar reference numbers are used to identify corresponding elements shown in Fiugre 4. In this embodiment, the audio portion of the television signal is encrypted and transmitted in the data channel. The audio and descramble code are decrypted in block 44 using the decrypted session key from block 43 as described above.
A further embodiment of the present invention with respect to decryption at the receiver end is shown , in Figure 6. In this embodiment only one encrypted session key is transmitted to all users. All users employ the same distribution key D but its derivation for each subscriber is unique. The distribution key D is derived from a fixed key K and a subscriber code C. Block 50 represents the received digital data channel of the television signal which includes the encrypted session key and the encrypted video descramble code. The encrypted session key is provided to block 54 where the fixed key K is maintained secret. The subscriber code C from block 51 is also unique to the subscriber and is entered manually by the subscriber. The advantage of this system is that only one encrypted session key has to be transmitted. The sessions can, therefore, be brief. More¬ over, the distribution key D can be changed at infrequent intervals by updating the manual input code C. Distribution key D is derived from fixed key K and subscriber code C in block 52. The encrypted session key is thus decrypted in block 54 by the derived distribution key D and is supplied to block 55 along with the encrypted descrambling code from the data channel. The descrambling code is decrypted in block 55 by the now decrypted session key and is then available for descrambling or decrypting signals in the receiver as represented by blocks 56, 57 and 58.
A further embodiment of the present invention with respect to decryption at the receiver end is shown in Figure 7. This embodiment eliminates the need for manual input of a code by the subscriber and the existence of a common distribution key for all subscribers. In this embodiment, the data channel of the signal includes the encrypted ses¬ sion key, a unique validation code based on the decoder's address or serial number and the encrypted descrambling code. The session key is provided to block 62 where it is decrypted by a distribution key from block 61. The decrypted encryption key is then provided to block 64 where a unique 32 bit internal validation code is derived based on the session key and the address or serial number of the decoder. The derived validation code is compared to the validation code transmitted in the data channel and if the two match, a logic signal is provided to AND gate 66. AND gate 66 allows the decrypted session keys from block 62 to pass through to block 67 only when the derived internal validation code matches the validation code transmitted in the data channel. The session key may then be used by block 67 to decrypt the descrambling code.
In the embodi ment shown in Figure 7, every session is 30 seconds in duration and within this period, every decoder decrypts the session key for the next session. The session key is derived within a custom integrated circuit as indicated by reference number 62 in Figure 7 which is very difficult to copy. The session key currently being used to decrypt the video descrambling codes in the data channel is also employed to derive the internal validation code. Single-bit error correction is applied to the received validation codes which are 32-bits in length (sufficient to address up to 4 billion decoders). The session key is released from the custom IC only if an appropriate validation code has been received some time during the last 7 hours of operation on any particular television channel.
The validation codes (with error correction bits) comprise a 39 bit word, these being transmitted in a 250 Kb/s channel. Twenty mil¬ lion receivers are thereby addressable within each 52 minute period. Over a period of 7 hours, each decoder will be validat ed on 8 separate occasions with a single-error corrected code. With a BER of 10-2, failure of validation at each attempt would occur with probability 0.044. Failure on all eight attempts would occur with a probability 1.4 x 10-11 (MTBF 100 million years).
The great advantage of validation codes is that (unlike session keys) they can be received incorrectly for much of the time without affecting service to the customer. Therefore they do not require extensive error correction. In a field of 10 million receivers, the address cycle time is 26 minutes. If most decoders were operating at 10-3 BER, then 99.95% of the decoders would be validated within the normal transmission time of a typical TV program.
With the embodiment shown in Figure 7, the television receiver should automatically switch between commonly used channels to gather validation codes when in standby operation. However, standby operation is not a mandatory requirement provided that session counts (since the last validation) are stored (within the secure IC) in non- violatile memory, and that the receiver is operational for at least one continuous period of 52 minutes during each 7 hour period of use. As an alternative, the receiver can keep track of operational periods and e xtend the 7 hour limi t to an arbitrary maximum to ensure a predetermined probability of receiving a validation code. Additionally the receiver could issue messages (via teletext display) requesting a period of operation or standby mode when (according to its counters) only one hour of validation remains. Finally, at the end of the 7 hour period, the receiver need not turn off the service completely, i.e., stop descrambling the signal, but, instead, initiate a period of decreasing service, as for example, starting with several hours of monochrome reception. Numerous possibilities exist to encourage payment of subscriptions and/or operation to ensure receipt of validation codes. The function of the validation codes is to allow the receiver to 'form a view' concerning the validity of reception for each of the channels in use. The receiver should act intelligently to gather the necessary evidence for its decision, and take action only when sufficient evidence is at hand. In the embodiment shown in Figure 7, within 10 seconds of being switched on (or immediately if in standby mode) the security device has decrypted the session key for the next session. This key will not be released unless the receiver is currently validated, but derivation of the session key occurs independently of the validation process. If it were possible to break the security of the integrated circuit performing this function, it would become feasible to design an alternative circuit which did not require validation, and which released the session key unconditionally.
Although security devices now exist which are extremely difficult to copy, a potential security risk is apparent, and a scheme has been designed for its avoidance. Any device designed to deliver session keys, with or without validation, must make use of the distribution keys D (presumably acquired by breaking into one of the security devices). If pirate receivers are discovered which contain particular distribution keys, the corresponding session key encryptions may be excluded from the key distribution channel on condition that all other decoders are left with at least at one key (D) capable of decrypting session keys. This can be arranged by providing each decoder with four keys selected from the 3,000, no two decoders having the same set of four keys. There are 3.3 x 10---2 ways of selecting four differ¬ ent keys from 3,000. All copies of any single decoder can be elim¬ inated by the exclusion of its four encrypted session keys, leaving all others (of the 20 million) operational. If a second decoder is copied, all copies can be again disabled at zero cost. Up to ten decoders can be eliminated in. this manner. Thereafter, further exclusions will cause some legal decoders to become disabled. These decoders (and the customers who own them) can be predicted through software at the transmitter end. To simultaneously disable all copies of 20 different decoders in a field of 20 million would require replacement of only 10 legal decoders. With reference to Figure 8, a block diagram is provided showing one example of a decoder which can be used to implement the present invention. A further example of such a decoder is described in com¬ monly assigned U.S. Patent Application Serial No. 507,565 entitled "Encryption and Decryption of Video Signals" filed June 24, 1983 and which is incorporated herein by reference.
As shown in Figure 8, a scrambled MAC television signal first enters a multiplexer 300, which separates from it the luminance and chrominance signals (i.e., the color components), as well as the audio, synchronization, timing and any teletext information. The luminance signal is delivered to luminance store 302, a CCD line store, where it is decompressed, and then to low-pass filter 304, where it is filtered. The analog luminance signal then goes to output interface 306. The sampling signals necessary to decompress luminance are produced in timing generator 308 and supplied to luminance store 302 by two clock drivers 310.
The chrominance signal from demultiplexer 300 is also decom¬ pressed in chrominance store 312, which is also a CCD line store. Separate outputs are provided for the two color difference signals, which are filtered in two low-pass filters 314 and then supplied to output interface 306. The necessary sampling signals are supplied to chrominance store 312 from timing generator 308 through three clock drivers 310.
Signals not constituting luminance or chrominance are also separated from the MAC television signal by demultiplexer 300. These signals include audio, teletext and synchronization signals which are delivered to demultiplexer 316 through one of two low-pass filters 318; while the fixed-frequency ti mi ng infor mation is delivered to demultiplexer 316 through band-pass filter 320. Demultiplexer 316 separates these signals, supplying the audio to audio demultiplexer 322 and the synchronization and timing signals to clock and synchronization recovery circuit 324 and timing generator 308. Audio information from de m ulti plexer 316 is separated into four cha nnels i n a ud i o demultiplexer 322 and output by analog audio processor 326. Teletext information is sent to character generator 328 via clock and synchro¬ nization recovery circuitry 324. Decoder operations are under the con¬ trol of microprocessor 330, which communicates with clock and syn¬ chronization recovery circuit 324, teletext character generator 328, and RAM 332 over bidirectional buses 334, 336 and 338.
Output interface 306 receives teletext characters from character generator 326, luminance from low-pass filter 304, chrominance from low-pass filters 314, and timing signals from timing generator 308. Its output is a standard NTSC color television signal for display on a tele¬ vision receiver.
The present invention has been described in detail in connection with preferred embodiments. These embodiments, however, are merely examples and the invention is not restricted thereto. It will be under¬ stood by those skilled in the art from a reading of the specification that variations and modifications can be made within the scope of the present invention as defined by the appended claims.

Claims

1. An apparatus for encrypting a code for descrambling and/or decrypting information, said apparatus comprising: first encryption key means for providing a first encryption key; second encryption key means for providing a second encryption key; first encryption means for encrypting said second encryption key in accordance with said first encryption key; second encryption means for encrypting said code in accordance with said second encryption key, said encrypted second encryption key and said encrypted code being provided for descrambling and/or decrypting said information.
2. The apparatus of claim 1 wherein said information is the intelligence portion of a television signal.
3. The apparatus of claim 2 wherein said code includes a plurality of keys for descrambling and/or decrypting said intelligence portion of said television signal.
4. The apparatus of claim 2 further comprising transmission means for transmitting said encrypted second encryption key and said encrypted code to a receiver which receives said television signal.
5. The apparatus of claim 4 wherein said transmission means is the television transmitter which transmits said television signal.
6. The apparatus of claim 1 wherein said code is periodically changed.
7. The apparatus of claim 1 wherein said first encryption key is periodically changed.
8. An apparatus for decrypting a code for descrambling and/or decrypting information, wherein said code is encrypted in accordance with an encrypted first encryption key, said apparatus com¬ prising: decryption key means for providing a first decryption key; first decryption means for decrypting said encrypted encryption key in accordance with said decryption key; second decryption means for decrypting said code in accordance with said encryption key for descrambling and/or decrypting said information.
9. The apparatus of claim 8 wherein said information is the intelligence portion of a television signal.
10. The apparatus of claim 9 wherein said code includes a plurality of keys for descrambling and/or decrypting said intelligence portion of said television signal.
11. A system for encrypting a code for descrambling and/or decrypting information and for decrypting said code, said system com¬ prising: first encryption key means for providing a first encryption key; second encryption key means for providing a second encryption key; first encryption m eans for encrypting said second encryption key in accordance with said first encryption key; second encryption means for encrypting said code in accordance with said second encryption key; first decryption key means for providing a first decryption key; first decryption means for decrypting said encrypted second encryption key in accordance with said first decryption key; second decryption means for decrypting said code in accordance with said second decryption key for descrambling and/or decrypting said information.
12. The apparatus of claim 11 wherein said information is the intelligence portion of a television signal.
13. The apparatus of claim 12 wherein said code includes a plurality of keys for descrambling and/or decrypting said intelligence portion of said television signal.
14. The apparatus of claim 12 further comprising transmission means for transmitting said encrypted second encryption key and said encrypted code to a receiver which receives said television signal.
15. The apparatus of claim 14 wherein said transmission means is the television transmitter which transmits said television signal.
16. The a ppa ra t us o f clai m 11 wherein said code is periodically changed.
17. The apparatus of claim 11 wherein said first encryption key is periodically changed.
18. A method for encrypting a code for descrambling and/or decrypting information, said method comprising the steps of: providing a first encryption key; providing a second encryption key; encrypting said second encryption key in accordance with said first encryption key; and encrypting said code in accordance with said second encryption key, said encrypted second encryption key and said encrypted code being provided for descrambling and/ or decrypting said information.
19. The method of claim 18 further including the step of transmitting said encrypted second encryption key and said encrypted code to a receiver which receives said television signal.
20. The . method of claim 18 further including the step of periodically changing said code.
21. The method of claim 18 further including the step of periodically changing said first encryption key.
22. A method for decrypting a code for descrambling and/or decrypting information, wherein said code is encrypted in accordance with an encrypted first encryption key, said method comprising the steps of: providing a decryption key; decrypting said encrypted first encryption key in accord¬ ance with said first decryption key; decrypting said code in accordance with said first encryption key for descrambling and/or decrypting said information.
23. A method for scrambling and descrambling a line-scanned television signal of the type wherein in each line there is a first period during which video information is present and a second period during which no video information is present, said method comprising the steps of: scrambling said video information in accordance with video scrambling codes; providing video descrambling codes for descrambling said scrambled video information; encrypting said video descrambling codes in accordance with a first encryption key; providing a session key for decrypting said encrypted video descrambling codes; encrypting said session key in accordance with a second encryption key; including said encrypted video descrambling codes and said encrypted session key in said television signal during said second period during which no video information is present; and providing a distributing key at the receiver which receives said television signal, said distribution key being provided to decrypt said encrypted session key, said decrypted session key being used to decrypt said encrypted video descramble codes, said decrypted video descramble codes being used to descramble said scrambled video infor¬ mation.
24. The method of claim 23 wherein said step of providing a session key includes the step of deriving said session key from said first encryption key.
25. The method of claim 1 wherein the step of providing a distribution key at said receiver includes the step of deriving said distribution key from said second encryption key.
26. The method of claim 23 wherein said step of providing at least one session key includes the step of providing a unique session key for each of said receivers which receive said television signal.
27. The method of claim 4 wherein the step of providing a distribution key includes the step of providing a distribution key for each of said unique session key.
28. The method of claim 1 wherein said session key and said distribution key are changed periodically.
29. A method for scrambling and unscrambling a line-scanned television signal of the type wherein in each line there is a first period during which video information is present and a second period during which no video information is present, said method comprising the steps of: scrambling said video information in accordance with video scrambling codes; providing video descrambling codes for descrambling said scrambled video information; encrypting said video descrambling codes in accordance with a first encryption key; providing a session key for decrypting said encrypted video descrambling codes; encrypting said session key in accordance with a . second encryption key; including said encrypted video descrambling codes and said encrypted session key in said television during said second period during which no video information is present; and providi ng a subscriber code and a fixed key at the receiver which receives said television signal, said subscriber code and said fixed key being used to derive a distribution key, said distribution key being used to decrypt said encrypted session key, said decrypted session key being used to decrypt said encrypted video descramble codes, said decrypted video descramble codes being used to descramble said scrambled video information.
30. The method of claim 29 wherein said step of providing a session key includes the step of deriving said session key from said first encryption key.
31. The m ethod of clai m 29 wherein said session key is changed periodically.
32. The method of claim 29 wherein the step of providing a subscriber code and a fixed key includes the step of providing a unique subscriber code for each of said receivers which receive said television signal.
33. A method for scrambling and unscrambling a line-scanned television signal of the type wherein in each line there is a first period during which video information is present and a second period during which no video information is present, said method comprising the steps of: scrambling said video information in accordance with video scrambling codes; providing video descrambling codes for descrambling said scrambled video information; encrypting said video descrambling codes in accordance with a first encryption key; providing a plurality of validation codes, each of said plu¬ rality of validation codes being unique for each of said receivers which receives said television signal; encrypting said session key in accordance with a second encryption key; transmitting said encrypted video descrambling codes, said encrypted session key and said plurality of validation codes during said second period in said television signal during which no video information is present; and providing a distribution key at the receiver which receives said television signal, said distribution key being provided to decrypt said encrypted session key, said decrypted session key being used to derive an internal validation code within each of said receivers, said internally derived validation code being compared with said plurality of validation codes, said comparator providing a logic signal indication when a match is found, said logic signal enabling logic means to permit said decrypted session key to decrypt said encrypted video descramble codes, said decrypted video descramble codes being used to descramble said scrambled video information.
34. The method of claim 33 wherein said step of providing a session key for decrypting said encrypted video descrambling codes includes the step of deriving said session key from said first encryption key.
35. The method of claim 33 wherein the step of providing a distribution key at said receiver includes the step of deriving said distribution key from said encryption key.
36. The method of claim 33 wherein the step of providing a distribution key at the receiver includes the step of providing a distribution key which matches said unique session key for each of said receivers.
37. The method of claim 33 wherein said session key and said distribution keys are changed periodically.
PCT/US1986/000801 1985-05-24 1986-04-21 Method and apparatus for scrambling and descrambling television signals WO1986007224A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US73759985A 1985-05-24 1985-05-24
US737,599 1985-05-24

Publications (1)

Publication Number Publication Date
WO1986007224A1 true WO1986007224A1 (en) 1986-12-04

Family

ID=24964519

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US1986/000801 WO1986007224A1 (en) 1985-05-24 1986-04-21 Method and apparatus for scrambling and descrambling television signals

Country Status (6)

Country Link
EP (1) EP0222818A1 (en)
JP (1) JPS62503066A (en)
CN (1) CN86103053A (en)
AU (1) AU5812086A (en)
WO (1) WO1986007224A1 (en)
ZA (1) ZA862839B (en)

Cited By (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2241096A (en) * 1990-02-14 1991-08-21 Enfranchise Sixty Ltd Controlling access to broadcast signals
EP0809402A1 (en) * 1990-02-01 1997-11-26 Scientific-Atlanta, Inc. External security module for a television signal decoder
DE19726003A1 (en) * 1997-06-19 1998-12-24 Alsthom Cge Alcatel Method for transmitting encrypted signals, and transmitting device and receiving device therefor
EP0937348A1 (en) * 1996-11-07 1999-08-25 MCI Worldcom, Inc. System and method for providing security in data communication systems
WO2000059222A1 (en) * 1999-03-30 2000-10-05 Sony Electronics, Inc. Method and apparatus for securing control words
EP1418750A1 (en) 2002-11-11 2004-05-12 STMicroelectronics Limited Security integrated circuit
US7039614B1 (en) 1999-11-09 2006-05-02 Sony Corporation Method for simulcrypting scrambled data to a plurality of conditional access devices
US8098818B2 (en) 2003-07-07 2012-01-17 Qualcomm Incorporated Secure registration for a multicast-broadcast-multimedia system (MBMS)
US8121296B2 (en) 2001-03-28 2012-02-21 Qualcomm Incorporated Method and apparatus for security in a data processing system
US8713400B2 (en) 2001-10-12 2014-04-29 Qualcomm Incorporated Method and system for reduction of decoding complexity in a communication system
US8718279B2 (en) 2003-07-08 2014-05-06 Qualcomm Incorporated Apparatus and method for a secure broadcast system
US8971790B2 (en) 2003-01-02 2015-03-03 Qualcomm Incorporated Method and apparatus for broadcast services in a communication system
US8983065B2 (en) 2001-10-09 2015-03-17 Qualcomm Incorporated Method and apparatus for security in a data processing system
US9100457B2 (en) 2001-03-28 2015-08-04 Qualcomm Incorporated Method and apparatus for transmission framing in a wireless communication system
US9467287B2 (en) 1997-04-23 2016-10-11 Sony Corporation Enciphering apparatus and method, deciphering apparatus and method as well as information processing apparatus and method

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4792972A (en) * 1986-08-19 1988-12-20 Scientific-Atlanta, Inc. Remote programming of CATV channel authorization unit
US4864615A (en) * 1988-05-27 1989-09-05 General Instrument Corporation Reproduction of secure keys by using distributed key generation data
US7069590B1 (en) * 2000-02-17 2006-06-27 Microsoft Corporation System and method for protecting data streams in hardware components

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4388643A (en) * 1981-04-06 1983-06-14 Northern Telecom Limited Method of controlling scrambling and unscrambling in a pay TV system
US4484027A (en) * 1981-11-19 1984-11-20 Communications Satellite Corporation Security system for SSTV encryption
US4531020A (en) * 1982-07-23 1985-07-23 Oak Industries Inc. Multi-layer encryption system for the broadcast of encrypted information

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4388643A (en) * 1981-04-06 1983-06-14 Northern Telecom Limited Method of controlling scrambling and unscrambling in a pay TV system
US4484027A (en) * 1981-11-19 1984-11-20 Communications Satellite Corporation Security system for SSTV encryption
US4531020A (en) * 1982-07-23 1985-07-23 Oak Industries Inc. Multi-layer encryption system for the broadcast of encrypted information

Cited By (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0809402A1 (en) * 1990-02-01 1997-11-26 Scientific-Atlanta, Inc. External security module for a television signal decoder
GB2241096A (en) * 1990-02-14 1991-08-21 Enfranchise Sixty Ltd Controlling access to broadcast signals
WO1991012693A1 (en) * 1990-02-14 1991-08-22 Enfranchise Sixty Limited Apparatus and method for controlling access to broadcast signals
GB2241096B (en) * 1990-02-14 1994-03-23 Enfranchise Sixty Ltd Apparatus and method for controlling access to broadcast signals
EP0937348A1 (en) * 1996-11-07 1999-08-25 MCI Worldcom, Inc. System and method for providing security in data communication systems
EP0937348A4 (en) * 1996-11-07 2003-01-02 Mci Worldcom Inc System and method for providing security in data communication systems
US9467287B2 (en) 1997-04-23 2016-10-11 Sony Corporation Enciphering apparatus and method, deciphering apparatus and method as well as information processing apparatus and method
DE19726003A1 (en) * 1997-06-19 1998-12-24 Alsthom Cge Alcatel Method for transmitting encrypted signals, and transmitting device and receiving device therefor
KR100735761B1 (en) * 1999-03-30 2007-07-06 소니 일렉트로닉스 인코포레이티드 Method and apparatus for securing control words
WO2000059222A1 (en) * 1999-03-30 2000-10-05 Sony Electronics, Inc. Method and apparatus for securing control words
CN100361529C (en) * 1999-03-30 2008-01-09 索尼电子有限公司 Method and apparatus for securing control words
US7039614B1 (en) 1999-11-09 2006-05-02 Sony Corporation Method for simulcrypting scrambled data to a plurality of conditional access devices
US9100457B2 (en) 2001-03-28 2015-08-04 Qualcomm Incorporated Method and apparatus for transmission framing in a wireless communication system
US8121296B2 (en) 2001-03-28 2012-02-21 Qualcomm Incorporated Method and apparatus for security in a data processing system
US8983065B2 (en) 2001-10-09 2015-03-17 Qualcomm Incorporated Method and apparatus for security in a data processing system
US8730999B2 (en) 2001-10-12 2014-05-20 Qualcomm Incorporated Method and system for reduction of decoding complexity in a communication system
US8713400B2 (en) 2001-10-12 2014-04-29 Qualcomm Incorporated Method and system for reduction of decoding complexity in a communication system
US7836300B2 (en) 2002-11-11 2010-11-16 Stmicroelectronics Limited Security integrated circuit
EP1418750A1 (en) 2002-11-11 2004-05-12 STMicroelectronics Limited Security integrated circuit
US8971790B2 (en) 2003-01-02 2015-03-03 Qualcomm Incorporated Method and apparatus for broadcast services in a communication system
US8098818B2 (en) 2003-07-07 2012-01-17 Qualcomm Incorporated Secure registration for a multicast-broadcast-multimedia system (MBMS)
US8718279B2 (en) 2003-07-08 2014-05-06 Qualcomm Incorporated Apparatus and method for a secure broadcast system

Also Published As

Publication number Publication date
JPS62503066A (en) 1987-12-03
ZA862839B (en) 1986-12-30
EP0222818A1 (en) 1987-05-27
AU5812086A (en) 1986-12-24
CN86103053A (en) 1986-11-19

Similar Documents

Publication Publication Date Title
EP0194769B1 (en) Cryptographic system for a direct broadcast by satellite network
EP0200310B1 (en) Direct broadcast satellite signal transmission system
US4887296A (en) Cryptographic system for direct broadcast satellite system
AU645943B2 (en) Conversion of television signal formats with retention of common control data stream
JP3476481B2 (en) Independent external security module for digitally enhanced television signal decoder
US5204900A (en) Coding system for descrambling video
US5200823A (en) Virtual channels for a multiplexed analog component (mac) television system
EP0891670B1 (en) Method for providing a secure communication between two devices and application of this method
AU704421B2 (en) Method and apparatus for controlling the operation of a signal decoder in broadcasting system
US4864614A (en) Authorising coded signals
WO1986007224A1 (en) Method and apparatus for scrambling and descrambling television signals
US5930361A (en) Video inversion detection apparatus and method
CZ9602937A3 (en) Process and apparatus for transmission and reception of signal
JPH06125554A (en) Protective method for encoding of sunscribed satellite television
JPH07131454A (en) Repeating installation, decoder, and enciphered broadcast equipment
EP0179612B1 (en) Cryptographic system for direct broadcast satellite network
USRE31735E (en) Subscriber-limited reception television broadcast security encoder-decoder system
EP0614593A1 (en) System for broadband descrambling of sync suppressed television signals
EP0116082B1 (en) Secure coding and decoding system and method for television program signals
JPH07131443A (en) Repeating installation
JP2913825B2 (en) Paid subtitle broadcast transmitter / receiver
KR960014685B1 (en) System of scramble and descramble
JP2542584B2 (en) Subscription broadcasting system
JPH0530114B2 (en)
Kupnicki et al. High Security Television Transmission using Digital Processing

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AT AU BB BG BR CH DE DK FI GB HU JP KP KR LK LU MC MG MW NL NO RO SD SE SU

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): AT BE CH DE FR GB IT LU NL SE

WWE Wipo information: entry into national phase

Ref document number: 1986902982

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 1986902982

Country of ref document: EP

WWW Wipo information: withdrawn in national office

Ref document number: 1986902982

Country of ref document: EP

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642