公开(公告)号：US08549655B2

公开(公告)日：2013-10-01

申请号：US12995003

申请日：2009-05-28

申请人： Fabien Gremaud ,  Joel Wenger

发明人： Fabien Gremaud ,  Joel Wenger

IPC分类号： G06F7/04

CPC分类号： H04N7/1675 ,  H04L9/0833 ,  H04L9/0891 ,  H04L2209/603 ,  H04L2209/80 ,  H04N7/163 ,  H04N21/26606 ,  H04N21/4181 ,  H04N21/4367 ,  H04N21/4623 ,  H04N21/63345

摘要： Unit for secure processing access controlled audio/video data capable of receiving control messages (ECM) comprising at least one first control word (CW1) and first right execution parameters (C1), at least one second control word (CW2) and second right execution parameters (C2), said processing unit being connected to a first access control device (CA1), said processing unit is characterized in that it comprises: —means for verifying and applying the first right execution parameters (C1) in relation to the contents of a memory (M1) of said first access control device (CA1) and means for obtaining the first control word CW1, —a second access control device (CA2) integrated into the processing unit UT including means for verifying and applying the second right execution parameters (C2) in relation to the contents of a memory (M2) associated to said second access control device (CA2) and means for obtaining the second control word (CW2), —a deciphering module (MD) capable of deciphering, sequentially with the first and the second control word (CW1) and (CW2), the access controlled audio/video data, said control words (CW1) and (CW2) being provided by the first and second access control devices (CA1, CA2) and stored in said deciphering module (MD). A method for secure processing digital access controlled audio/video data carried out by said unit is also an object of the present invention.

摘要翻译： 用于安全处理访问控制音频/视频数据的单元，其能够接收包括至少一个第一控制字（CW1）和第一右执行参数（C1）的控制消息（ECM），至少一个第二控制字（CW2）和第二右执行 参数（C2），所述处理单元连接到第一访问控制设备（CA1），所述处理单元的特征在于它包括： - 用于验证和应用第一正确执行参数（C1）的内容相对于 所述第一访问控制装置（CA1）的存储器（M1）和用于获得集成到处理单元UT中的第一控制字CW1，第二存取控制装置（CA2）的装置，包括用于验证和应用第二正确执行参数 （C2）和与所述第二访问控制装置（CA2）相关联的存储器（M2）的内容和用于获得第二控制字（CW2）的装置， - 解密模块（MD） 由第一和第二控制字（CW1）和（CW2）顺序地由第一和第二访问控制装置（CA1，CA2）提供访问控制音频/视频数据，所述控制字（CW1）和（CW2） 并存储在所述解密模块（MD）中。 用于安全处理由所述单元执行的数字访问控制的音频/视频数据的方法也是本发明的目的。

公开(公告)号：US20110075843A1

公开(公告)日：2011-03-31

申请号：US12995003

申请日：2009-05-28

申请人： Fabien Gremaud ,  Joel Wenger

发明人： Fabien Gremaud ,  Joel Wenger

IPC分类号： H04N7/167

CPC分类号： H04N7/1675 ,  H04L9/0833 ,  H04L9/0891 ,  H04L2209/603 ,  H04L2209/80 ,  H04N7/163 ,  H04N21/26606 ,  H04N21/4181 ,  H04N21/4367 ,  H04N21/4623 ,  H04N21/63345

摘要： Unit for secure processing access controlled audio/video data capable of receiving control messages(ECM) comprising at least one first control word (CW1) and first right execution parameters (C1), at least one second control word (CW2) and second right execution parameters (C2), said processing unit being connected to a first access control device (CA1), said processing unit is characterized in that it comprises: —means for verifying and applying the first right execution parameters (C1) in relation to the contents of a memory (M1) of said first access control device (CA1) and means for obtaining the first control word CW1, —a second access control device (CA2) integrated into the processing unit UT including means for verifying and applying the second right execution parameters (C2) in relation to the contents of a memory (M2) associated to said second access control device (CA2) and means for obtaining the second control word (CW2), —a deciphering module (MD) capable of deciphering, sequentially with the first and the second control word (CW1) and (CW2), the access controlled audio/video data, said control words (CW1) and (CW2) being provided by the first and second access control devices (CA1, CA2) and stored in said deciphering module (MD). A method for secure processing digital access controlled audio/video data carried out by said unit is also an object of the present invention.

摘要翻译： 用于安全处理访问控制音频/视频数据的单元，其能够接收包括至少一个第一控制字（CW1）和第一右执行参数（C1）的控制消息（ECM），至少一个第二控制字（CW2）和第二右执行 参数（C2），所述处理单元连接到第一访问控制设备（CA1），所述处理单元的特征在于它包括： - 用于验证和应用第一正确执行参数（C1）的内容相对于 所述第一访问控制装置（CA1）的存储器（M1）和用于获得集成到处理单元UT中的第一控制字CW1，第二存取控制装置（CA2）的装置，包括用于验证和应用第二正确执行参数 （C2）相关于与所述第二访问控制设备（CA2）相关联的存储器（M2）的内容和用于获得第二控制字（CW2）的装置， - 解密模块（MD） 第一和第二控制字（CW1）和（CW2）顺序地由第一和第二访问控制装置（CA1，...）提供访问控制音频/视频数据，所述控制字（CW1）和（CW2） CA2）并存储在所述解密模块（MD）中。 用于由所述单元执行的用于安全处理数字访问控制的音频/视频数据的方法也是本发明的目的。

公开(公告)号：US20110099387A1

公开(公告)日：2011-04-28

申请号：US12737244

申请日：2009-07-27

申请人： Fabien Gremaud ,  Henri Kudelski

发明人： Fabien Gremaud ,  Henri Kudelski

IPC分类号： G06F12/14

CPC分类号： G06F12/1408 ,  G06F12/1009

摘要： A system and a method are disclosed for enforcing a predetermined mapping of addresses in a physical address space to addresses in a virtual address space in a data processing system including a processor in the virtual address space and a memory in a physical address space. During the compilation and linking of an application to be run on the data processing system, in at least one embodiment, the mapping table is generated linking the virtual addresses to physical addresses. This mapping table is kept secret. A second mapping table is generated using a cryptographic function of the physical address with the virtual address as a key to link virtual addresses to intermediate addresses. The second mapping table is loaded into the memory management unit. The data processing system further includes cryptographic hardware to convert the intermediate address to the physical address using the inverse of the cryptographic function which was used to calculate the intermediate address.

摘要翻译： 公开了一种系统和方法，用于将物理地址空间中的地址的预定映射强制到包括虚拟地址空间中的处理器和物理地址空间中的存储器的数据处理系统中的虚拟地址空间中的地址。 在要在数据处理系统上运行的应用的编译和链接期间，在至少一个实施例中，生成将虚拟地址链接到物理地址的映射表。 此映射表保密。 使用具有虚拟地址的物理地址的加密功能作为将虚拟地址链接到中间地址的密钥来生成第二映射表。 第二个映射表被加载到存储器管理单元中。 数据处理系统还包括使用用于计算中间地址的加密函数的倒数将中间地址转换为物理地址的密码硬件。

公开(公告)号：US08484435B2

公开(公告)日：2013-07-09

申请号：US13055413

申请日：2009-07-23

申请人： Fabien Gremaud ,  Henri Kudelski

发明人： Fabien Gremaud ,  Henri Kudelski

IPC分类号： G06F12/10

CPC分类号： G06F12/1009 ,  G06F8/656

摘要： A method for updating, in the background, data stored in physical memories without affecting the current operations performed by the microprocessor. When the update is completely terminated, the application switches from an old version to a new version. This switching occurs by a reconfiguration of the page table during which a first sub-tree structure of pointers accessing the old version of data stored in memories is replaced by a second sub-tree structure of pointers thus allowing access to the new version of data. This update method prevents incoherent transitory states of the system as the latter works with the previous data version until the installation of the new version becomes usable. In the case of an interruption to the update process, the application can always reinitialize the update since the old version of data can be reactivated by returning to the previous configuration of the page table.

摘要翻译： 一种用于在后台更新存储在物理存储器中的数据而不影响由微处理器执行的当前操作的方法。 当更新完全终止时，应用程序将从旧版本切换到新版本。 这种切换通过页表的重新配置而发生，在该表中，访问存储在存储器中的旧版本数据的指针的第一子树结构由指针的第二子树结构代替，从而允许访问新版本的数据。 该更新方法防止系统的不连贯的瞬态状态，因为后者适用于之前的数据版本，直到新版本的安装变得可用。 在更新过程中断的情况下，应用程序可以随时重新初始化更新，因为可以通过返回页面表的先前配置来重新启用旧版本的数据。

公开(公告)号：US08347114B2

公开(公告)日：2013-01-01

申请号：US12737244

申请日：2009-07-27

申请人： Fabien Gremaud ,  Henri Kudelski

发明人： Fabien Gremaud ,  Henri Kudelski

IPC分类号： G06F11/30

CPC分类号： G06F12/1408 ,  G06F12/1009

摘要： A system and a method are disclosed for enforcing a predetermined mapping of addresses in a physical address space to addresses in a virtual address space in a data processing system including a processor in the virtual address space and a memory in a physical address space. During the compilation and linking of an application to be run on the data processing system, in at least one embodiment, the mapping table is generated linking the virtual addresses to physical addresses. This mapping table is kept secret. A second mapping table is generated using a cryptographic function of the physical address with the virtual address as a key to link virtual addresses to intermediate addresses. The second mapping table is loaded into the memory management unit. The data processing system further includes cryptographic hardware to convert the intermediate address to the physical address using the inverse of the cryptographic function which was used to calculate the intermediate address.

摘要翻译： 公开了一种系统和方法，用于将物理地址空间中的地址的预定映射强制到包括虚拟地址空间中的处理器和物理地址空间中的存储器的数据处理系统中的虚拟地址空间中的地址。 在要在数据处理系统上运行的应用的编译和链接期间，在至少一个实施例中，生成将虚拟地址链接到物理地址的映射表。 此映射表保密。 使用具有虚拟地址的物理地址的加密功能作为将虚拟地址链接到中间地址的密钥来生成第二映射表。 第二个映射表被加载到存储器管理单元中。 数据处理系统还包括使用用于计算中间地址的加密函数的倒数将中间地址转换为物理地址的密码硬件。

公开(公告)号：US20110131389A1

公开(公告)日：2011-06-02

申请号：US13055413

申请日：2009-07-23

申请人： Fabien Gremaud ,  Henri Kudelski

发明人： Fabien Gremaud ,  Henri Kudelski

IPC分类号： G06F12/06

CPC分类号： G06F12/1009 ,  G06F8/656

摘要： A method for updating, in the background, data stored in physical memories without affecting the current operations performed by the microprocessor. When the update is completely terminated, the application switches from an old version to a new version. This switching occurs by a reconfiguration of the page table during which a first sub-tree structure of pointers accessing the old version of data stored in memories is replaced by a second sub-tree structure of pointers thus allowing access to the new version of data. This update method prevents incoherent transitory states of the system as the latter works with the previous data version until the installation of the new version becomes usable. In the case of an interruption to the update process, the application can always reinitialize the update since the old version of data can be reactivated by returning to the previous configuration of the page table.

摘要翻译： 一种用于在后台更新存储在物理存储器中的数据而不影响由微处理器执行的当前操作的方法。 当更新完全终止时，应用程序将从旧版本切换到新版本。 这种切换通过页表的重新配置而发生，在该表中，访问存储在存储器中的旧版本数据的指针的第一子树结构由指针的第二子树结构代替，从而允许访问新版本的数据。 该更新方法防止系统的不连贯的瞬态状态，因为后者适用于之前的数据版本，直到新版本的安装变得可用。 在更新过程中断的情况下，应用程序可以随时重新初始化更新，因为可以通过返回页面表的先前配置来重新启用旧版本的数据。

公开(公告)号：US20060109982A1

公开(公告)日：2006-05-25

申请号：US11284101

申请日：2005-11-22

申请人： Jean-Michel Puiatti ,  Andre Nicoulin ,  Nicolas Fischer ,  Guy Moreillon ,  Fabien Gremaud ,  Michael Hill

发明人： Jean-Michel Puiatti ,  Andre Nicoulin ,  Nicolas Fischer ,  Guy Moreillon ,  Fabien Gremaud ,  Michael Hill

IPC分类号： H04N7/167

CPC分类号： H04N5/913 ,  H04N7/163 ,  H04N7/1675 ,  H04N21/26613 ,  H04N21/4181 ,  H04N21/4405 ,  H04N21/4408 ,  H04N21/4627 ,  H04N21/835 ,  H04N2005/91364

摘要： A digital audio/video data processing unit and an access control method to this data are disclosed. The processing unit of audio/video digital data encrypted with control-words coming from control messages includes a deciphering unit of the audio/video data, a decompression unit, an input/output interface of the processed audio/video data and communication device towards a security module. The deciphering and decompression units include respectively an encryption unit and a decryption unit each having at least one personal key and a common encryption key. It includes a secured transmission device of the common key and of the control word extracted from a control message between the security module, the deciphering unit and the encryption unit using the personal key of the encryption unit. The deciphering by the deciphering unit of the audio/video data with the control word and the re-encryption by the encryption unit of said deciphered data with the common key being possible only after a successful verification of the control word and the common key. After temporary storage, the re-encrypted audio/video data cannot be decrypted by the decryption unit unless the common key has been positively verified by the security module by way of a random number generated by the decryption unit.

摘要翻译： 公开了一种数字音频/视频数据处理单元和对该数据的访问控制方法。 用来自控制消息的控制字加密的音频/视频数字数据的处理单元包括音频/视频数据的解密单元，解压缩单元，经处理的音频/视频数据和通信设备的输入/输出接口朝向 安全模块 解密和解压缩单元分别包括加密单元和每个具有至少一个个人密钥和公共加密密钥的解密单元。 它包括使用加密单元的个人密钥从安全模块，解密单元和加密单元之间的控制消息中提取的公用密钥和控制字的安全传输设备。 解密单元利用所述控制字对所述音频/视频数据进行解密，并且所述解密数据的所述加密单元用所述公用密钥进行重新加密，只有在成功验证所述控制字和所述公用密钥之后才可能。 在临时存储之后，重新加密的音频/视频数据不能被解密单元解密，除非通过安全模块通过由解密单元产生的随机数来肯定地验证了公共密钥。

公开(公告)号：US08819434B2

公开(公告)日：2014-08-26

申请号：US12971876

申请日：2010-12-17

申请人： Fabien Gremaud ,  Olivier Brique

发明人： Fabien Gremaud ,  Olivier Brique

IPC分类号： H04L9/32

CPC分类号： H04N7/1675 ,  H04N21/4181 ,  H04N21/42623 ,  H04N21/4367 ,  H04N21/4405 ,  H04N21/4623

摘要： A method based on access conditions verification performed by two conditional access devices consecutively on a control message before releasing a control word to a descrambler. The control message encapsulates a second part including another control message. The processing unit for carrying out the method comprises a first conditional access device connected to a second conditional access device provided with a descrambler and a secured processor or secured hardware logic. The control message and the second part are each encrypted and accompanied by respectively first and second authentication data. The first conditional access device decrypts and verifies integrity of the control message, verifies the first access conditions and transmits the second part to the second access control device. The second conditional access device decrypts and verifies integrity of the second part and further verifies the second access conditions, and releases and loads the control word into the descrambler.

摘要翻译： 一种基于访问条件验证的方法，该方法在将控制字释放到解扰器之前连续地在控制消息上由两个条件访问设备执行。 控制消息封装包括另一个控制消息的第二部分。 用于执行该方法的处理单元包括连接到具有解扰器和安全处理器或安全硬件逻辑的第二条件访问设备的第一条件访问设备。 控制消息和第二部分分别被加密并且分别伴随着第一和第二认证数据。 第一条件访问设备解密并验证控制消息的完整性，验证第一访问条件并将第二部分发送到第二访问控制设备。 第二条件访问设备解密和验证第二部分的完整性，并进一步验证第二访问条件，并释放并将控制字加载到解扰器中。

公开(公告)号：US20130279694A1

公开(公告)日：2013-10-24

申请号：US13990979

申请日：2011-12-01

申请人： Fabien Gremaud ,  Nicolas Fischer

发明人： Fabien Gremaud ,  Nicolas Fischer

IPC分类号： H04N7/167

CPC分类号： H04N7/167 ,  H04N21/4181 ,  H04N21/4334 ,  H04N21/4408

摘要： A television event may be consumed after been stored in a mass memory of a multimedia unit, but still fully relies on the security of a secure device. A conversion of a received content aims at firstly descrambling the content using control words included in entitlement control messages and immediately re-encrypting the descrambled content by a unique key generated specifically for this content. Access conditions attached to the entitlement control message containing the control word are temporarily stored and once the decryption is terminated, the secure device produces an information block. This information block containing for example access conditions and an identifier of the content is either stored into a secure memory of the secure device or stored in the mass memory with the encrypted content. The unique key is made up of a combination of a root key specific to the secure device and the information block.

摘要翻译： 电视事件在被存储在多媒体单元的大容量存储器中之后可能被消耗，但是仍然完全依赖于安全设备的安全性。 接收到的内容的转换旨在首先使用包括在授权控制消息中的控制字对内容进行解扰，并且通过专门针对该内容生成的唯一密钥立即重新加密解扰的内容。 临时存储附加到包含控制字的授权控制消息的访问条件，一旦解密结束，则安全设备产生信息块。 包含例如访问条件和内容的标识符的该信息块或者被存储到安全设备的安全存储器中或者存储在具有加密内容的大容量存储器中。 唯一密钥由特定于安全设备的根密钥和信息块的组合组成。

公开(公告)号：US08489836B2

公开(公告)日：2013-07-16

申请号：US12489712

申请日：2009-06-23

申请人： Fabien Gremaud ,  Christophe Gogniat ,  Marc Bellocchio ,  Pascal Fuchs

发明人： Fabien Gremaud ,  Christophe Gogniat ,  Marc Bellocchio ,  Pascal Fuchs

IPC分类号： G06F13/10

CPC分类号： G06F21/57 ,  G06F21/79

摘要： The present invention describes a system and a method for securely loading digital information from a storage device into a memory module in a data processing system, said data processing system comprising at least one storage device, one memory module and at least one processor, said data processing system further comprising a memory access controller module connected between the processor and the memory module, and a secure memory management module connected to the processor, the memory module, the storage device and the memory access controller. Requests by the processor for data are passed to the secure memory management module, which loads the data from the storage device to the memory module and configures the memory access controller such that the processor will have access to the data.

摘要翻译： 本发明描述了一种用于将数字信息从存储设备安全地加载到数据处理系统中的存储器模块的系统和方法，所述数据处理系统包括至少一个存储设备，一个存储器模块和至少一个处理器，所述数据 处理系统还包括连接在处理器和存储器模块之间的存储器访问控制器模块，以及连接到处理器，存储器模块，存储设备和存储器访问控制器的安全存储器管理模块。 处理器对数据的请求被传递到安全存储器管理模块，安全存储器管理模块将数据从存储设备加载到存储器模块，并配置存储器访问控制器，使得处理器能够访问数据。