Method for securing a ciphered content transmitted by a broadcaster
    11.
    Invention application
    Legal status: In force

    Publication No.: US20050238170A1

    Publication date: 2005-10-27

    Application No.: US10830063

    Filing date: 2004-04-23

    IPC classification: H04K1/00 H04N7/167

    Abstract: A method is for protecting an encrypted content, by use of at least one encryption key. The method includes generation of a temporary encryption key, encryption by the temporary key of a value allowing the determination of the encryption keys of the content, transmission of the encrypted value to a multimedia unit, and encryption and transmission of at least two cryptograms including the temporary key encrypted by an authorization key. The first cryptogram is encrypted by a first authorization key pertaining to a first security module and the second cryptogram is encrypted by a second authorization key pertaining to a group of security modules whose first security module is excluded.


    Cascading dynamic crypto periods
    12.
    Granted invention patent
    Legal status: In force

    Publication No.: US08687807B2

    Publication date: 2014-04-01

    Application No.: US13014654

    Filing date: 2011-01-26

    IPC classification: H04K1/00

    Abstract: Systems and methods for performing cascading dynamic crypto periods are disclosed. In embodiments, a control word and a set of functions is transmitted between a head-end and recipient devices at the beginning of a crypto period. The crypto period is divided into a discrete number of sub-crypto periods. The control word used to encrypt and decrypt the broadcast content is changed during each sub-crypto period. At the end of the first sub-crypto period, a derived control word is generated by passing the original control word to a function in the set of functions in order to generate a derived control word at the first transition between sub-crypto periods. The derived control word is used for encryption and decryption of the broadcasted content during the second sub-crypto period. Upon transitioning to the third sub-control-period, the derived control word is input into another function to produce a second derived control word.


    Security module for audio/video data processing unit
    13.
    Granted invention patent
    Legal status: In force

    Publication No.: US08646097B2

    Publication date: 2014-02-04

    Application No.: US12383787

    Filing date: 2009-03-27

    IPC classification: G06F17/30

    Abstract: The aim of the present invention is to limit the impact of security breaches, which are the emulators of the security module. This aim is reached by a processing unit of audio/video digital conditional access data, encrypted by control words, responsible for processing security messages containing at least one cryptogram relative to a control word and one instruction relative to the control word, characterized in that it includes means to receive at least two micro programs by security messages, executable by the security module, said security module comprising means to store at least two micro programs and means to receive an instruction contained in the security message, for selecting the micro program indicated by the instruction, for executing the said micro program with at least the cryptogram as a parameter of execution, this execution allowing the calculation of the control word to be sent back to the audio/video processing unit.


    METHOD FOR UPDATING DATA IN A SECURITY MODULE
    14.
    Invention application
    Legal status: Under examination (published)

    Publication No.: US20130103941A1

    Publication date: 2013-04-25

    Application No.: US13711014

    Filing date: 2012-12-11

    IPC classification: G06F21/62

    Abstract: A method for updating operating data in a security module associated to a user unit for processing digital data broadcast in a transport stream, said unit being connected to a conditional access system transmitting, in said transport stream, to the security module a first stream comprising management messages includes: broadcasting a second stream of operating data patch messages, adding to the first stream of management messages, a trigger message to direct the security module to a conditional access system transmitting a second stream transporting suitable operating data patch messages if a current version of the operating data in the security module requires an update, updating the operating data of the concerned security module with the operating data patch messages from the second stream, directing the security module towards the conditional access system transmitting another stream based on an identifier of the conditional access system in the security module.


    Generating a root key for decryption of a transmission key allowing secure communications
    15.
    Granted invention patent
    Legal status: In force

    Publication No.: US07725740B2

    Publication date: 2010-05-25

    Application No.: US10848014

    Filing date: 2004-05-19

    IPC classification: G06F11/30 G06F12/14

    Abstract: A method is used to restore the security of a secure assembly such as a chip card, after the contents of its second memory zone have been read by a third party. The method is for generating a security key implemented by a secure module comprising a central unit, a first conditional access memory zone and at least one second memory zone containing all or part of the user program. The method includes reading of all or part of the second memory zone, and generation of at least one root key based on all or part of the second zone data and on at least one item of secret information stored in the first memory zone.


    Method for securing a ciphered content transmitted by a broadcaster
    16.
    Granted invention patent
    Legal status: In force

    Publication No.: US07487349B2

    Publication date: 2009-02-03

    Application No.: US10830063

    Filing date: 2004-04-23

    IPC classification: H04L9/12 H04N7/167

    Abstract: A method is for protecting an encrypted content, by use of at least one encryption key. The method includes generation of a temporary encryption key, encryption by the temporary key of a value allowing the determination of the encryption keys of the content, transmission of the encrypted value to a multimedia unit, and encryption and transmission of at least two cryptograms including the temporary key encrypted by an authorization key. The first cryptogram is encrypted by a first authorization key pertaining to a first security module and the second cryptogram is encrypted by a second authorization key pertaining to a group of security modules whose first security module is excluded.


    Method for updating the firmware of a security module
    17.
    Invention application
    Legal status: In force

    Publication No.: US20070174617A1

    Publication date: 2007-07-26

    Application No.: US11656468

    Filing date: 2007-01-23

    IPC classification: H04L9/00

    Abstract: A method for updating the firmware of a security module allowing it to “jump” towards a dedicated separate patch message stream thanks to a trigger messages stream broadcasted in a main stream of management messages. The trigger messages comprise version information allowing establishing whether the security module is up-to-date, and an identifier indicating to the security module the suitable patch stream. If the current version of the firmware of the security module is inferior to the patch version, the security module is directed towards the stream of patch messages designated by the identifier included in the trigger messages. Once the update of the firmware is complete, the security module is again directed towards the main stream. This return can be carried out automatically, namely with a switch message comprising an identifier of the first stream.


    Method for updating data in memories using a memory management unit
    18.
    Granted invention patent
    Legal status: In force

    Publication No.: US08484435B2

    Publication date: 2013-07-09

    Application No.: US13055413

    Filing date: 2009-07-23

    IPC classification: G06F12/10

    CPC classification: G06F12/1009 G06F8/656

    Abstract: A method for updating, in the background, data stored in physical memories without affecting the current operations performed by the microprocessor. When the update is completely terminated, the application switches from an old version to a new version. This switching occurs by a reconfiguration of the page table during which a first sub-tree structure of pointers accessing the old version of data stored in memories is replaced by a second sub-tree structure of pointers thus allowing access to the new version of data. This update method prevents incoherent transitory states of the system as the latter works with the previous data version until the installation of the new version becomes usable. In the case of an interruption to the update process, the application can always reinitialize the update since the old version of data can be reactivated by returning to the previous configuration of the page table.


    Method and apparatus for enforcing a predetermined memory mapping
    19.
    Granted invention patent
    Legal status: In force

    Publication No.: US08347114B2

    Publication date: 2013-01-01

    Application No.: US12737244

    Filing date: 2009-07-27

    IPC classification: G06F11/30

    CPC classification: G06F12/1408 G06F12/1009

    Abstract: A system and a method are disclosed for enforcing a predetermined mapping of addresses in a physical address space to addresses in a virtual address space in a data processing system including a processor in the virtual address space and a memory in a physical address space. During the compilation and linking of an application to be run on the data processing system, in at least one embodiment, the mapping table is generated linking the virtual addresses to physical addresses. This mapping table is kept secret. A second mapping table is generated using a cryptographic function of the physical address with the virtual address as a key to link virtual addresses to intermediate addresses. The second mapping table is loaded into the memory management unit. The data processing system further includes cryptographic hardware to convert the intermediate address to the physical address using the inverse of the cryptographic function which was used to calculate the intermediate address.


    METHOD FOR UPDATING DATA IN MEMORIES USING A MEMORY MANAGEMENT UNIT
    20.
    Invention application
    Legal status: In force

    Publication No.: US20110131389A1

    Publication date: 2011-06-02

    Application No.: US13055413

    Filing date: 2009-07-23

    IPC classification: G06F12/06

    CPC classification: G06F12/1009 G06F8/656

    Abstract: A method for updating, in the background, data stored in physical memories without affecting the current operations performed by the microprocessor. When the update is completely terminated, the application switches from an old version to a new version. This switching occurs by a reconfiguration of the page table during which a first sub-tree structure of pointers accessing the old version of data stored in memories is replaced by a second sub-tree structure of pointers thus allowing access to the new version of data. This update method prevents incoherent transitory states of the system as the latter works with the previous data version until the installation of the new version becomes usable. In the case of an interruption to the update process, the application can always reinitialize the update since the old version of data can be reactivated by returning to the previous configuration of the page table.
