Note: Claims are shown in the official language in which they were submitted.
CLAIMS
What is claimed is
1. Method for providing a secure communication between two devices (4, 5), wherein a first device (4) generates a random key (Ci) and transfers said key to a second device (5) in a first message encrypted using a public key, wherein said second device (5) decrypts the first encrypted message by means of a corresponding secret key to obtain said random key (Ci), wherein said random key is used to encrypt and decrypt transmissions from said second to said first device.
2. Method according to claim 1, wherein after decrypting said encrypted message, said second device (5) first returns said random key (Ci) in a second encrypted message with an authentication to said first device (4).
3. Method according to claim 2, wherein for providing said authentication said first device (4) further generates a random number (A) and transfers this random number (A) together with said random key (Ci) in said first encrypted message to the second device (5), wherein the second device uses said random number (A) for authentication in the second encrypted message.
4. Method according to claim 3, wherein said second device (5) encrypts said random number (A) under said random key (Ci) to obtain said second encrypted message.
5. Application of the method of any one of claims 1-4 in a decoder for a pay TV system, wherein said decoder comprises a control access module (CAM) (4) and a smart card (SC) (5), wherein said method is applied to provide a secure communication between the control access module (4) and the smart card (5).
6. Application of the method of any one of claims 1-4 in a decoder for a pay TV system, wherein said decoder comprises a conditional access module (CAM) (4) and a smart card (SC) (5), wherein said method is applied to provide a secure communication between the decoder and the conditional access module (4).
7. Decoder for a pay TV system, comprising a conditional access module (4) and a smart card (5), said conditional access module comprising means (8) for generating a random key (Ci), means (8) for encrypting said key in a first encrypted message using a public key encryption method, means (8) for transferring said first encrypted message to the smart card, said smart card (5) comprising means (10) for receiving and decrypting said first encrypted message to obtain said random key, means (10) for encrypting transmissions to the conditional access module under said random key, said conditional access module (4) having means (8) to decrypt said transmissions received from the smart card.
8. Decoder according to claim 7, wherein said smart card (5) comprises means (10) for returning said random key to the conditional access module in a second encrypted message with an authentication.
9. Decoder according to claim 8, wherein said generating means (8) of the conditional access module (4) further generates a random number which is included in said first encrypted message, wherein the smart card (5) is adapted to use said random number as authentication in the second encrypted message.
10. Decoder system for a pay TV system, comprising a decoder and a conditional access module (4), wherein said decoder comprises means (6) for generating a random key (Ci), means (6) for encrypting said key in a first encrypted message using a public key encryption method, means (6) for transferring said first encrypted message to the conditional access module (4), said conditional access module comprising means (8) for receiving and decrypting said first encrypted message to obtain said random key, means (8) for encrypting transmissions to the decoder under said random key, said decoder having means (6) to decrypt said transmissions received from the conditional access module.
11. Decoder system according to claim 10, wherein said conditional access module (4) comprises means (8) for returning said random key to the decoder in a second encrypted message with an authentication.
12. Decoder system according to claim 11, wherein said generating means (6) of the decoder further generates a random number which is included in said first encrypted message, wherein the conditional access module (4) is adapted to use said random number as authentication in the second encrypted message.
13. A method for providing a secure communication between two devices in a decoder for a pay TV system, wherein said decoder comprises a conditional access module (CAM) and a smart card (SC), wherein a first device generates a random key (Ci) and transfers said key to a second device in a first message encrypted using a public key, wherein said second device decrypts the first encrypted message by means of a corresponding secret key to obtain said random key of a corresponding secret key to obtain said random key (Ci), wherein after decrypting said encrypted message, said second device first returns said random key (Ci) in a second encrypted message with an authentication to said first device, wherein said random key (Ci) is used to encrypt and decrypt transmissions between said devices.
14. The method according to claim 13, wherein for providing said authentication said first device further generates a random number (A) and transfers this random number (A) together with said random key (Ci) in said first encrypted message to the second device, wherein the second device uses said random number (A) for authentication in the second encrypted message.
15. The method according to claim 14, wherein said second device encrypts said random number (A) under said random key (Ci) to obtain said second encrypted message.
16. The method of claim 13, wherein said method provides a secure communication between the conditional access module and the smart card.
17. The method of claim 13, wherein said method provides a secure communication between the decoder and the conditional access module.
18. The method of claim 14, wherein said method provides a secure communication between the conditional access module and the smart card.
19. The method of claim 15, wherein said method provides a secure communication between the conditional access module and the smart card.
20. The method of claim 14, wherein said method provides a secure communication between the decoder and the conditional access module.
21. The method of claim 15, wherein said method provides a secure communication between the decoder and the conditional access module.
22. A decoder for use in a decoder system for a pay TV system, the decoder system having a conditional access module, the conditional access module including means for receiving a first encrypted message encrypted under a random key (Ci) and means for decrypting the first encrypted message, the conditional access module further including means for encrypting transmissions to decoder, said decoder comprising:
means for generating the random key (Ci);
means for encrypting the random key in the first encrypted message using a public key encryption method;
means for transferring the first encrypted message to the conditional access module for the conditional access module to retrieve the random key; and
means for decrypting the transmissions encrypted under the random key and received from the conditional access module.
23. The decoder of claim 22, wherein said generating means further generates a random number which is included in the first encrypted message, wherein the conditional access module is adapted to use said random number as authentication for returning the random key to the decoder in a second encrypted message.
24. A conditional access module for use in a decoder system for a pay TV system, the decoder system having a decoder, the decoder including means for generating a random key, means for encrypting the random key in a first encrypted message using a public key encryption method, and means for transferring the first encrypted message to said conditional access module, said conditional access module comprising:
means for receiving and decrypting the first encrypted message to obtain the random key; and
means for encrypting transmissions to the decoder under the random key,
wherein the decoder decrypts said transmissions received from the conditional access module.
25. The conditional access module of claim 24, said conditional access module further comprising means for returning the random key to the decoder in a second encrypted message with an authentication.
26. The conditional access module of claim 25, wherein the generating means of the decoder further generates a random number which is included in the first encrypted message, wherein said conditional access module is adapted to use said random number as authentication in the second encrypted message.
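
The exchange of claims 1 to 4 (and 13 to 15), with both devices' messages, as an added example that is not part of the patent text. The claims name no algorithms, so the unpadded toy RSA key pair, the SHA-256 keystream cipher, the field sizes and all function names are assumptions made for illustration.

```python
import hashlib
import secrets

# Constructed toy RSA key pair for the second device: two Mersenne primes,
# no padding. Illustration only; the claims name no algorithm or key size.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))       # secret key held by the second device

def stream_xor(key, label, data):
    """Stand-in symmetric cipher (assumption): XOR with a SHA-256 keystream."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + label + i.to_bytes(4, "big")).digest()
        out += bytes(x ^ y for x, y in zip(data[i:i + 32], pad))
    return bytes(out)

def first_message(n, e):
    """First device: generate Ci and A, send both under the public key."""
    ci, a = secrets.token_bytes(16), secrets.token_bytes(8)
    return ci, a, pow(int.from_bytes(ci + a, "big"), e, n)

def second_device_reply(msg1, n, d):
    """Second device: recover Ci and A, return A encrypted under Ci (claim 4)."""
    plain = pow(msg1, d, n).to_bytes((n.bit_length() + 7) // 8, "big")[-24:]
    ci, a = plain[:16], plain[16:]
    return ci, stream_xor(ci, b"auth", a)

def first_device_verify(ci, a, msg2):
    """First device: accept the peer only if msg2 decrypts under Ci to A."""
    return secrets.compare_digest(stream_xor(ci, b"auth", msg2), a)

def run_exchange(peer_d, payload=b"transmission from second device"):
    """Run both sides; return the decrypted transmission, or None on failure."""
    ci, a, msg1 = first_message(N, E)
    peer_ci, msg2 = second_device_reply(msg1, N, peer_d)
    if not first_device_verify(ci, a, msg2):
        return None                      # peer does not hold the secret key
    ciphertext = stream_xor(peer_ci, b"tx", payload)   # second -> first
    return stream_xor(ci, b"tx", ciphertext)

if __name__ == "__main__":
    print(run_exchange(D))               # genuine second device
    print(run_exchange(3))               # constructed wrong exponent
```

A peer that answers with the wrong secret exponent recovers a different Ci and A, so the second message fails the first device's check and no transmission is accepted.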