公开(公告)号：US07986781B2

公开(公告)日：2011-07-26

申请号：US11994487

申请日：2006-07-06

申请人： Philippe Stransky

发明人： Philippe Stransky

IPC分类号： H04L9/00

CPC分类号： H04N21/23473 ,  H04N7/1675 ,  H04N21/26606 ,  H04N21/4405 ,  H04N21/4623

摘要： The invention concerns a method for controlling access to encrypted data (CT) by control words (CW), said control words being received by a security module in control messages (ECM) and returned to a unit operating on the encrypted data. Said control messages (ECM) contain at least one first control word (CW1) and a second control word (CW2), said control words each allowing access to the encrypted data (CT) during a predetermined period called cryptoperiod (CP). Said method includes the following steps: sending said encrypted data to at least one operating unit; and sending control messages (ECM) to said control unit, such a control message (ECM) containing at least two specific control words (CW1, CW2) being sent to the operating unit after sending the data encrypted by said first control word (CW1) and before sending the data encrypted by said second control word (CW2). Said method is characterized in that the time shift between sending to the operating unit the data encrypted by said first control word (CW1) and sending the control message (ECM) containing said first control word (CW1) and said second control word (CW2) is more than 75% of the cryptoperiod.

摘要翻译： 本发明涉及一种用于通过控制字（CW）控制对加密数据（CT）的访问的方法，所述控制字由控制消息（ECM）中的安全模块接收并返回到在加密数据上操作的单元。 所述控制消息（ECM）包含至少一个第一控制字（CW1）和第二控制字（CW2），所述控制字各自允许在称为加密周期（CP）的预定周期期间访问加密数据（CT）。 所述方法包括以下步骤：将所述加密数据发送到至少一个操作单元; 以及向所述控制单元发送控制消息（ECM），在发送由所述第一控制字（CW1）加密的数据之后，将包含至少两个特定控制字（CW1，CW2）的控制消息（ECM）发送到操作单元， 并且在发送由所述第二控制字（CW2）加密的数据之前。 所述方法的特征在于，向所述操作单元发送由所述第一控制字（CW1）加密的数据并发送包含所述第一控制字（CW1）和所述第二控制字（CW2）的控制消息（ECM） 超过加密周期的75％。

公开(公告)号：US20090049488A1

公开(公告)日：2009-02-19

申请号：US11664063

申请日：2005-09-28

申请人： Philippe Stransky

发明人： Philippe Stransky

IPC分类号： H04N7/173

CPC分类号： H04L63/08 ,  H04L29/06 ,  H04L61/103 ,  H04L61/2076

摘要： This invention relates to a Method for updating a table of correspondence between a logical address associated to a user unit in a communication network and a unique identification number associated to a user unit of a group of user units managed by a management centre, a method in which messages are exchanged between said management centre and at least one specific user unit of said group by means of said communication network, these messages being forwarded to the specific user unit using the logical address of said user unit in said network, wherein it includes the steps of searching in said table of correspondence for the logical address of the user unit in said communication network corresponding to the unique identification number of the specific user unit; of sending of messages to the user unit having the concerned unique identification number, to the logical address corresponding to said communication network; in the case of incorrect reception of the messages, sending of a request containing an identifier of said specific user unit (STB*), this request being sent to all or part of the user units (STB) forming said group; detection of a return message of a user unit (STB*) whose unique identification number (UA*) corresponds to said identifier contained in the request; determination of the logical address (AD*) in said network, used by the user unit (STB*) having transmitted the return message; verification of the logical address (AD) by establishing a communication between the management centre and the user unit (STB*) and authentication of the specific user unit by the management centre; storage in the table of correspondence (TC) of the management centre of said logical address (AD*) of the user unit in said network, in connection with said unique identification number (UA*) of the user unit (STB*) having transmitted the return messages.

公开(公告)号：US20080101615A1

公开(公告)日：2008-05-01

申请号：US11942391

申请日：2007-11-19

申请人： Philippe Stransky ,  Marco Sasselli

发明人： Philippe Stransky ,  Marco Sasselli

IPC分类号： H04L9/08

CPC分类号： H04L63/0428 ,  H04L9/0822 ,  H04L9/0897 ,  H04L9/3263 ,  H04L63/062 ,  H04L2209/56

摘要： A method of production and distribution of asymetric public and private keys between a key generation centre and at least one user unit (DEC), the unit comprising a security module (SM), the method consisting in generating certificates comprising a public key and a private key in a first cryptographic unit (KPG), coding the private key by use of a service key in the first cryptographic unit (KPG) and storing the private key in a key memory (KPS), when sending the keys to a user unit, extracting the keys from the key memory (KPS), composing the certification with the public key, decoding the corresponding private key by use of the service key in a cryptographic security module and coding it with a transport key of the user.

摘要翻译： 一种在密钥生成中心和至少一个用户单元（DEC）之间生成和分配非对称公钥和私钥的方法，所述单元包括安全模块（SM），所述方法包括生成包括公开密钥和私有密钥的证书 键入第一加密单元（KPG），当将密钥发送到用户单元时，通过使用第一加密单元（KPG）中的服务密钥对私钥进行编码并将私钥存储在密钥存储器（KPS）中， 从密钥存储器（KPS）提取密钥，用公钥构成认证，通过使用加密安全模块中的服务密钥对相应的私钥进行解码，并用用户的传输密钥进行编码。

公开(公告)号：US20100272267A1

公开(公告)日：2010-10-28

申请号：US12756655

申请日：2010-04-08

申请人： Joël CONUS ,  Philippe Stransky

发明人： Joël CONUS ,  Philippe Stransky

IPC分类号： H04L9/08

CPC分类号： H04N7/165 ,  H04N21/42684 ,  H04N21/4623

摘要： The present invention concerns the generation of a key necessary to decrypt audio/video contents by genuine decoding units. It concerns in particular a method to secure the reception of a broadcast content managed by a control center and encrypted by at least one content key, said content key or a data allowing to recover said content key being transmitted to the decoding units encrypted by a transmission key common to the decoding units, each decoding unit having at least one environment parameter known by the control center, said decoding unit receiving from the control center a first message common to all decoding units and comprising the encrypted transmission key and a second message, pertaining to said decoding unit and comprising correction data dedicated to said decoding unit, the decryption of the transmission key being made using the environment parameter and the correction data.

摘要翻译： 本发明涉及通过原始解码单元生成解密音频/视频内容所必需的密钥。 特别涉及一种确保由控制中心管理的广播内容的接收并通过至少一个内容密钥加密的方法，所述内容密钥或允许恢复发送给通过传输加密的解码单元的所述内容密钥的数据 每个解码单元具有由控制中心已知的至少一个环境参数，所述解码单元从控制中心接收所有解码单元共同的第一消息，并且包括加密的传输密钥和第二消息 到所述解码单元，并且包括专用于所述解码单元的校正数据，使用环境参数和校正数据进行传输密钥的解密。

公开(公告)号：US07975279B1

公开(公告)日：2011-07-05

申请号：US10019518

申请日：2000-07-06

申请人： André Kudelski ,  Marco Sasselli ,  Philippe Stransky ,  Laurent Laffely

发明人： André Kudelski ,  Marco Sasselli ,  Philippe Stransky ,  Laurent Laffely

IPC分类号： H04N7/167

CPC分类号： H04N7/1675 ,  H04N21/25435 ,  H04N21/26606 ,  H04N21/4623 ,  H04N21/47211

摘要： In a pay television system, the choice and the confirmation of an impulse purchase are performed by the user on presentation, by means of a screen, of a grid of programmes. The selection by this user of a particular programme of his choice from the grid is subsequently confirmed in the system by an entitlement management message, this message being specific to an impulse purchase. In order to authorize the immediate screening of the selected transmission, the entitlement management message specific to an impulse purchase is contained in the data tied to the presentation of the grid.

摘要翻译： 在付费电视系统中，用户通过屏幕呈现节目网格来执行脉冲购买的选择和确认。 该用户从网格中选择他选择的特定节目随后通过授权管理消息在系统中确认，该消息特定于脉冲购买。 为了授权对所选择的传输进行即时筛选，特定于脉冲购买的授权管理消息包含在与网格呈现相关联的数据中。

公开(公告)号：US07664706B2

公开(公告)日：2010-02-16

申请号：US10311441

申请日：2001-07-06

申请人： Philippe Stransky ,  Sven Engeström

发明人： Philippe Stransky ,  Sven Engeström

IPC分类号： G06Q99/00 ,  H04K1/00 ,  H04L9/00

CPC分类号： H04N21/6377 ,  G06Q20/123 ,  G06Q40/06 ,  H04N7/165 ,  H04N7/17354 ,  H04N21/4331 ,  H04N21/4334 ,  H04N21/4781 ,  H04N21/6334

摘要： Example embodiments relate to a method for granting customers access to a product or a set of products. The method may include providing by the customer through a secured communication network, a code to a registration center, wherein the code being unique, transmitting the code from the registration center to an authorization center, retrieving the identifier of the product or the set products from the code, by requesting a data base or calculating the identifier, and transmitting, by the authorization center, an authorization code to the customer terminal, wherein the authorization code allows access to the product or the set of products.

摘要翻译： 示例性实施例涉及用于授予客户访问产品或一组产品的方法。 该方法可以包括由客户通过安全通信网络向登记中心提供代码，其中代码是唯一的，将代码从注册中心发送到授权中心，从产品或设备产品的标识符中检索出来 所述代码通过请求数据库或计算所述标识符，以及由所述授权中心向所述客户终端发送授权码，其中所述授权码允许访问所述产品或所述一组产品。

公开(公告)号：US20060020549A1

公开(公告)日：2006-01-26

申请号：US11166126

申请日：2005-06-27

申请人： Philippe Stransky

发明人： Philippe Stransky

IPC分类号： G06Q99/00

CPC分类号： G06F21/73 ,  G06F21/77

摘要： This invention relates to a security module comprising a microprocessor, a program memory containing at least one operating program and unique identification means of said module. This security module is characterized in that the identification means are constituted by a set of unique and artificial computer codes, compatible with their execution by said microprocessor of the module and stored in the program memory. The invention also concerns a personalization method of a security module by a unique identifier, this module comprising a microprocessor and a program memory containing at least one operating program. The method of the invention is characterized in that it includes the steps of generation of a unique set of computer codes, called artificial computer codes and the writing of this set of codes in the program memory in specific memory locations.

公开(公告)号：US20050015587A1

公开(公告)日：2005-01-20

申请号：US10890266

申请日：2004-07-14

申请人： Philippe Stransky

发明人： Philippe Stransky

IPC分类号： H04L9/32 ,  H04L29/06 ,  H04L9/00

CPC分类号： H04L63/0823 ,  H04L9/3226 ,  H04L9/3263 ,  H04L2209/56 ,  H04L2209/80

摘要： A method is for securing and verifying an electronic certificate issued by an authority to an owner. The certificate is stored in the memory of a user unit operated by the owner. The user unit transmits all or part of the data of the certificate to the authority. Further, during an initialization phase, the method includes determining, by the authority, a network identifier pertaining to the user unit, and storing, by the authority, the identifier in connection with the data of the certificate. As such, the use of an electronic certificate by individuals other than the owner may be prevented. Further, damages to the owner, in the case of the theft or copying of a certificate, may be avoided.

摘要翻译： 一种方法是确保和验证由主管机构向所有者颁发的电子证书。 证书存储在由所有者操作的用户单元的存储器中。 用户单元向证书机构发送证书的全部或部分数据。 此外，在初始化阶段期间，该方法包括由该机构确定与该用户单元有关的网络标识符，并且由该授权机构存储与该证书的数据相关联的该标识符。 因此，可以防止除所有者以外的个人使用电子证书。 此外，如果盗用或复制证书，则可以避免对业主的损害赔偿。

公开(公告)号：US08812624B2

公开(公告)日：2014-08-19

申请号：US11664063

申请日：2005-09-28

申请人： Philippe Stransky

发明人： Philippe Stransky

IPC分类号： G06F15/173 ,  H04N7/173

CPC分类号： H04L63/08 ,  H04L29/06 ,  H04L61/103 ,  H04L61/2076

摘要： A method for updating a table of correspondence between a logical address associated to a user unit in a communication network and a unique identification number associated to one of a group of user units managed by a management center, a method where messages are exchanged between said management center and a specific user unit of said group by using said communication network, these messages being forwarded to the logical address of the specific user in said network, the method including searching in said table for the logical address of the user unit in said communication network corresponding to the unique identification number of the specific user unit; sending of messages to the user unit having the concerned unique identification number, to the logical address corresponding to said communication network; and if the messages are received incorrectly, sending a request containing an identifier of said specific user unit.

摘要翻译： 一种用于更新与通信网络中的用户单元相关联的逻辑地址与与管理中心管理的一组用户单元中的一个相关联的唯一标识号的对应表的方法，其中在所述管理中交换消息的方法 中心和所述组的特定用户单元，这些消息被转发到所述网络中的特定用户的逻辑地址，所述方法包括在所述表中搜索所述通信网络中的用户单元的逻辑地址 对应于特定用户单元的唯一标识号; 向具有相关唯一标识号的用户单元发送消息到对应于所述通信网络的逻辑地址; 并且如果消息被错误地接收，则发送包含所述特定用户单元的标识符的请求。

公开(公告)号：US08315392B2

公开(公告)日：2012-11-20

申请号：US12756655

申请日：2010-04-08

申请人： Joel Conus ,  Philippe Stransky

发明人： Joel Conus ,  Philippe Stransky

IPC分类号： H04L9/00

CPC分类号： H04N7/165 ,  H04N21/42684 ,  H04N21/4623

摘要： The present invention concerns the generation of a key necessary to decrypt audio/video contents by genuine decoding units. It concerns in particular a method to secure the reception of a broadcast content managed by a control center and encrypted by at least one content key, said content key or a data allowing to recover said content key being transmitted to the decoding units encrypted by a transmission key common to the decoding units, each decoding unit having at least one environment parameter known by the control center, said decoding unit receiving from the control center a first message common to all decoding units and comprising the encrypted transmission key and a second message, pertaining to said decoding unit and comprising correction data dedicated to said decoding unit, the decryption of the transmission key being made using the environment parameter and the correction data.

摘要翻译： 本发明涉及通过原始解码单元生成解密音频/视频内容所必需的密钥。 特别涉及一种确保由控制中心管理的广播内容的接收并通过至少一个内容密钥加密的方法，所述内容密钥或允许恢复发送给通过传输加密的解码单元的所述内容密钥的数据 每个解码单元具有由控制中心已知的至少一个环境参数，所述解码单元从控制中心接收所有解码单元共同的第一消息，并且包括加密的传输密钥和第二消息 到所述解码单元，并且包括专用于所述解码单元的校正数据，使用环境参数和校正数据进行传输密钥的解密。