METHOD FOR PROVIDING A SECURE COMMUNICATION BETWEEN TWO DEVICES AND APPLICATION OF THIS METHOD

PROCEDE SERVANT A ETABLIR UNE COMMUNICATION SURE ENTRE DEUX DISPOSITIFS ET MISE EN APPLICATION DU PROCEDE

English Abstract

In a method for providing a secure communication between two devices, a first
device generates a random key (Ci) and transfers
this key to a second device in a first message encrypted using a plublic key.
The second device decrypts the first encrypted message by
means of a corresponding secret key to obtain the random key (Ci) and this
random key is used to encrypt and decrypt all transmissions
between these devices. In a decoder for a pay TV system, comprising a
conditional access module and a smart card, this method is applied
to provide a secure communication between the control access module and the
smart card and/or between the decoder and the conditional
access module.

French Abstract

Dans un procédé servant à créer une communication sûre entre deux dispositifs, un premier dispositif génère un code à accès sélectif (Ci) et transfère ce code à un deuxième dispositif dans un premier message crypté au moyen d'un code public. Le deuxième dispositif décrypte le premier message crypté au moyen d'un code secret correspondant, afin d'obtenir le code à accès sélectif (Ci) et ce dernier est utilisé afin de crypter et de décrypter toutes les transmissions entre ces dispositifs. Dans un décodeur pour système de télévision payante, comprenant un module d'accès conditionnel et une carte intelligente, ce procédé permet d'établir une communication sûre, soit entre le module d'accès de commande et la carte intelligente, soit entre le décodeur et le module d'accès conditionnel.

Claims

-6-

CLAIMS

What is claimed is

1. Method for providing a secure communication between two devices (4, 5),
wherein a
first device (4) generates a random key (Ci) and transfers said key to a
second device (5) in a
first message encrypted using a public key, wherein said second device (5)
decrypts the first
encrypted message by means of a corresponding secret key to obtain said random
key (Ci),
wherein said random key is used to encrypt and decrypt transmissions from said
second to
said first device.

2. Method according to claim 1, wherein after decrypting said encrypted
message, said
second device (5) first returns said random key (Ci) in a second encrypted
message with an
authentication to said first device (4).

3. Method according to claim 2, wherein for providing said authentication said
first
device (4) further generates a random number (A) and transfers this random
number (A)
together with said random key (Ci) in said first encrypted message to the
second device (5),
wherein the second device uses said random number (A) for authentication in
the second
encrypted message.

4. Method according to claim 3, wherein said second device (5) encrypts said
random
number (A) under said random key (Ci) to obtain said second encrypted message.

5. Application of the method of any one of claims 1-4 in a decoder for a pay
TV system,
wherein said decoder comprises a control access module (CAM) (4) and a smart
card (SC)
(5), wherein said method is applied to provide a secure communication between
the control
access module (4) and the smart card (5).

6. Application of the method of any one of claims 1-4 in a decoder for a pay
TV system,
wherein said decoder comprises a conditional access module (CAM) (4) and a
smart card
(SC) (5), wherein said method is applied to provide a secure communication
between the
decoder and the conditional access module (4).



-7-

7. Decoder for a pay TV system, comprising a conditional access module (4) and
a smart
card (5), said conditional access module comprising means (8) for generating a
random key
(Ci), means (8) for encrypting said key in a first encrypted message using a
public key
encryption method, means (8) for transferring said first encrypted message to
the smart card,
said smart card (5) comprising means (10) for receiving and decrypting said
first encrypted
message to obtain said random key, means (10) for encrypting transmissions to
the
conditional access module under said random key, said conditional access
module (4) having
means (8) to decrypt said transmissions received from the smart card.

8. Decoder according to claim 7, wherein said smart card (5) comprises means
(10) for
returning said random key to the conditional access module in a second
encrypted message
with an authentication.

9. Decoder according to claim 8, wherein said generating means (8) of the
conditional
access module (4) further generates a random number which is included in said
first encrypted
message, wherein the smart card (5) is adapted to use said random number as
authentication
in the second encrypted message.

10. Decoder system for a pay TV system, comprising a decoder and a conditional
access
module (4), wherein said decoder comprises means (6) for generating a random
key (Ci),
means (6) for encrypting said key in a first encrypted message using a public
key encryption
method, means (6) for transferring said first encrypted message to the
conditional access
module (4), said conditional access module comprising means (8) for receiving
and
decrypting said first encrypted message to obtain said random key, means (8)
for encrypting
transmissions to the decoder under said random key, said decoder having means
(6) to decrypt
said transmissions received from the conditional access module.

11. Decoder system according to claim 10, wherein said conditional access
module (4)
comprises means (8) for returning said random key to the decoder in a second
encrypted
message with an authentication.


-8-

12. Decoder system according to claim 11, wherein said generating means (6) of
the
decoder further generates a random number which is included in said first
encrypted message,
wherein the conditional access module (4) is adapted to use said random number
as
authentication in the second encrypted message.

13. A method for providing a secure communication between two devices in a
decoder for
a pay TV system, wherein said decoder comprises a conditional access module
(CAM) and a
smart card (SC), wherein a first device generates a random key (Ci) and
transfers said key to a
second device in a first message encrypted using a public key, wherein said
second device
decrypts the first encrypted message by means of a corresponding secret key to
obtain said
random key of a corresponding secret key to obtain said random key (Ci),
wherein after
decrypting said encrypted message, said second device first returns said
random key (Ci) in a
second encrypted message with an authentication to said first device, wherein
said random
key (Ci) is used to encrypt and decrypt transmissions between said devices.

14. The method according to claim 13, wherein for providing said
authentication said first
device further generates a random number (A) and transfers this random number
(A) together
with said random key (Ci) in said first encrypted message to the second
device, wherein the
second device uses said random number (A) for authentication in the second
encrypted
message.

15. The method according to claim 14, wherein said second device encrypts said
random
number (A) under said random key (Ci) to obtain said second encrypted message.

16. The method of claim 13, wherein said method provides a secure
communication
between the conditional access module and the smart card.

17. The method of claim 13, wherein said method provides a secure
communication
between the decoder and the conditional access module.

18. The method of claim 14, wherein said method provides a secure
communication
between the conditional access module and the smart card.


-9-

19. The method of claim 15, wherein said method provides a secure
communication
between the conditional access module and the smart card.

20. The method of claim 14, wherein said method provides a secure
communication
between the decoder and the conditional access module.

21. The method of claim 15, wherein said method provides a secure
communication
between the decoder and the conditional access module.

22. A decoder for use in a decoder system for a pay TV system, the decoder
system
having a conditional access module, the conditional access module including
means for
receiving a first encrypted message encrypted under a random key (Ci) and
means for
decrypting the first encrypted message, the conditional access module further
including
means for encrypting transmissions to decoder, said decoder comprising:
means for generating the random key (Ci);
means for encrypting the random key in the first encrypted message using a
public key
encryption method;
means for transferring the first encrypted message to the conditional access
module for
the conditional access module to retrieve the random key; and
means for decrypting the transmissions encrypted under the random key and
received
from the conditional access module.

23. The decoder of claim 22, wherein said generating means further generates a
random
number which is included in the first encrypted message, wherein the
conditional access
module is adapted to use said random number as authentication for returning
the random key
to the decoder in a second encrypted message.

24. A conditional access module for use in a decoder system for a pay TV
system, the
decoder system having a decoder, the decoder including means for generating a
random key,
means for encrypting the random key in a first encrypted message using a
public key
encryption method, and means for transferring the first encrypted message to
said conditional
access module, said conditional access module comprising:


-10-

means for receiving and decrypting the first encrypted message to obtain the
random
key; and
means for encrypting transmissions to the decoder under the random key,
wherein the decoder decrypts said transmissions received from the conditional
access module.

25. The conditional access module of claim 24, said conditional access module
further
comprising means for returning the random key to the decoder in a second
encrypted message
with an authentication.

26. The conditional access module of claim 25, wherein the generating means of
the
decoder further generates a random number which is included in the first
encrypted message,
wherein said conditional access module is adapted to use said random number as
authentication in the second encrypted message.

Description

CA 02250833 2005-07-04
Method for Providing a Secure Communication Between Two Devices and
Application of This Method
The present invention relates to a method for providing a secure communication
between two devices, in particular between devices used in a pay TV system.
In a pay TV system each subscriber generally has a decoder for descrambling
the
source component signal, wherein said decoder comprises a conditional access
module and a
smart card for decrypting entitlement control messages and entitlement
management
messages. In order to prevent unauthorized operation of the decoder for
descrambling a
source component signal it is important to prevent switching between an
authorized and an
unauthorized smart card for example.
EP-A-0 428 252 discloses a method for providing a secure communication between
two devices and an application of this method in a pay TV system. In this
known method the
authenticity of a second device, i.e. a smart card, is checked by a first
device.
US-A-5 029 207 discloses a method for providing a secure communication between
two devices and an application of this method in a pay TV system. In this
known method a
first key is transmitted in an encrypted message from an encoder to a decoder
and the decoder
decrypts this message to obtain the first key to decrypt the program signal. A
secret serial
number is used for encryption and decryption. There are no transmissions from
the decoder to
the encoder.
The invention aims to provide a method of the abovementioned type wherein the
communication between two devices, such as the control access module and the
smart card or
the decoder and the conditional access module, is arranged in such a manner
that switching
between authorized and unauthorized devices is not possible.
According to the invention a method is provided, wherein a first device
generates a
random key (Ci) and transfers said key to a second device in a first message
encrypted using a
public key, wherein said second device decrypts the first encrypted message by
means of a
21421747.3


CA 02250833 2005-07-04
-2-
corresponding secret key to obtain said random key (Ci), wherein said random
key is used to
encrypt and decrypt further transmissions from said second to said first
device.
According to the invention this method can be applied in a decoder for a pay
TV
system, wherein said decoder comprises a conditional access module and a smart
card,
wherein said method is applied to provide a secure communication between the
control access
module and the smart card or between the decoder and the conditional access
module.
The invention further provides a decoder for a pay TV system, comprising a
conditional access module and a smart card, said conditional access module
comprising
means for generating a random key (Ci), means for encrypting said key in a
first encrypted
message using a public key encryption method, means for transferring said
first encrypted
message to the smart card, said smart card comprising means for receiving and
decrypting
said first encrypted message to obtain said random key, means for encrypting
transmissions to
the conditional access module under said random key, said conditional access
module having
means to decrypt said transmissions received from the smart card.
In a further aspect of the invention, there is provided a decoder system for a
pay TV
system, comprising a decoder and a conditional access module, wherein said
decoder
comprises means for generating a random key (Ci), means for encrypting said
key in a first
encrypted message using a public key encryption method, means for transferring
said first
encrypted message to the conditional access module, said conditional access
module
comprising means for receiving and decrypting said first encrypted message to
obtain said
random key, means for encrypting transmissions to the decoder under said
random key, said
decoder having means to decrypt said transmissions received from the
conditional access
module.
The invention will be further explained by reference to the drawings in which
an
embodiment of the method of the invention is explained as applied in a decoder
for a pay TV
system.
Fig. 1 shows a block diagram of an embodiment of the decoder according to the
present invention.
21421747.3


CA 02250833 2005-07-04
-3-
Fig. 2 shows a sequence of steps of an embodiment of the method of the
invention.
Referring to fig. 1 there is shown in a very schematical manner a block
diagram of a
decoder for a pay TV system, wherein digital information signals are scrambled
using a
control word in accordance with the Eurocrypt standard for example. In this
embodiment the
decoder comprises a demodulator l, a demultiplexer 2 and a decompression unit
3. The
decoder further comprises a conditional access module or CAM 4 and a smart
card 5 which
can be inserted into a connection slot of the conditional access module 4.
Further the decoder
is provided with a microprocessor 6 for configuration and control purposes.
The conditional access module 4 is provided with a descrambler unit 7 and a
microprocessor 8 having a memory 9. The smart card S comprises a
microprocessor 10 having
a memory 1 I.
As the operation of the above-mentioned parts of the decoder is not a part of
the
present invention, this operation will not be described in detail. Typically,
the signal received
by the demodulator I is a modulated data stream between 950 MHz and 2050 MHz.
The
output of the demodulator 1 is a scrambled digital data stream which is
provided to the CAM
4 and the descrambler 7 will be allowed to descramble this scrambled data
stream assuming
that an authorized smart card has been inserted and the subscriber is entitled
to receive the
program. The descrambled data stream is demultiplexed by the demultiplexer 2
and
decompressed and converted into the original analogue audio and video signal
by the
decompression unit 3.
In a pay TV system the control word required for descrambling, is transferred
to the
subscribers in so-called entitlement control messages containing the control
word encrypted
using a service key. This service key is downloaded in the memory 11 of the
smart card 5 by
means of a so-called entitlement management message for example. During
operation the
CAM 4 transfers the entitlement control messages towards the microprocessor 10
of the smart
card 5 so that the microprocessor 10 can process the entitlement control
message and extract
the control word. Thereafter the smart card 5 returns the decrypted control
word towards the
CAM 4 so that the descrambler 7 is allowed to descramble the digital data
stream received
from the demodulator 1.
21421747.3


CA 02250833 2005-07-04
-4-
In order to prevent the use of an unauthorized smart card 5 in combination
with the
CAM 4 it is important to provide a secure communication between the CAM 4 and
the smart
card 5. According to the present invention the following method is used to
provide such a
secure communication. The steps of this method are shown in fig. 2. When a
smart card is
inserted into the decoder, the microprocessor 8 of the CAM 4 will generate two
random
numbers Ci and A. The microprocessor 8 will encrypt in a first message the
random numbers
Ci and A under a public key of the CAM 4. The thus obtained first message is
transferred to
the smart card S and the microprocessor 10 will decrypt this first message
using the secret key
of the CAM 4. Thereafter the microprocessor 10 will return a second message to
the CAM 4,
said second message being the random number A encrypted under the number Ci
used as
encryption key. The microprocessor 8 of the CAM 4 decrypts this second message
and
verifies whether the random number A is correct. Assuming that the random
number A is
indeed correct, so that it may be assumed that the inserted smart card 5 is an
authorized smart
card, the CAM 4 will then forward entitlement control messages containing the
encrypted
control word to the smart card S which will process the entitlement control
message and
extract the control word in a conventional manner. However, in the return
message towards
the CAM 4, the smart card will forward the extracted control word encrypted
under the key Ci
and these encrypted control words are decrypted by the microprocessor 8 using
the same key
Ci. As soon as one tries to replace the inserted smart card S by an other
smart card, for
example by switching from the authorized smart card 5 to an unauthorized smart
card, the
CAM 4 will immediately establish such change as the key Ci will not be known
to the new
smart card, so that the CAM will no longer be able to descramble the return
messages
containing the control word. Thereby the descrambler unit 7 will be disabled.
The method described can be used in the same manner for providing a secure
communication between the CAM 4 and the decoder, wherein the same protocol as
shown in
fig. 2 is followed.
In summary it will be understood that if a new CAM 4 is connected to the other
decoder parts, the microprocessor 6 of the decoder will generate the two
random numbers Ci
and A and as soon as the microprocessor 6 has decrypted the second message
received from
21421747.3


CA 02250833 2005-07-04
-$-
the microprocessor 8 of the CAM 4, and has verified that the random number A
is correct, the
key Ci will be used in all transmissions between the CAM 4 and the
microprocessor 6.
The invention is not restricted to the above-described embodiments which can
be
varied in a number of ways within the scope of the claims. As an example for a
further
S embodiment the CAM (i.e. the descrambler) may be part of the decoder. The
decoder would
now challenge the smart card to authenticate itself to obtain a secure
communication between
the smart card and the decoder.
21421747.3

Representative Drawing