公开(公告)号：US09444799B2

公开(公告)日：2016-09-13

申请号：US14666354

申请日：2015-03-24

Applicant: Cisco Technology, Inc.

Inventor： Neil B. Buchen ,  Thomas C. Wilson

IPC: H04L29/06 ,  H04N7/167 ,  H04N21/234 ,  H04N21/2347 ,  H04N21/266 ,  H04N21/835

CPC classification number: H04L63/0485 ,  H04L65/607 ,  H04N7/1675 ,  H04N21/23412 ,  H04N21/2347 ,  H04N21/26609 ,  H04N21/26613 ,  H04N21/835

Abstract: The present invention is suitable for use in a multi-encrypted system that dynamically allocates stream identifiers in a second stream depending upon the identifiers in a first stream. The first stream is monitored and counters are incremented with the presence of an identifier. The count for each of the counters is then received. Using the count, a control processor then assigns or revises identifiers in the second stream.

公开(公告)号：US20130275759A1

公开(公告)日：2013-10-17

申请号：US13914392

申请日：2013-06-10

Applicant: KABUSHIKI KAISHA TOSHIBA

Inventor： Hiroshi ISOZAKI ,  Hiroyuki Chaki ,  Kazunobu Konda ,  Takashi Kokubo ,  Hideki Ohkita

IPC: H04L29/06

CPC classification number: H04L63/0428 ,  H04N7/1675 ,  H04N21/2347 ,  H04N21/25816 ,  H04N21/25875 ,  H04N21/26609 ,  H04N21/26613 ,  H04N21/4405 ,  H04N21/4623 ,  H04N21/4627 ,  H04N21/63345 ,  H04N21/6582 ,  H04N21/8355

Abstract: According to one embodiment, a transmitting method transmits a start request for an authentication and key exchange from at least one of receivers to the transmitter, performs an authentication and key exchange for at least one of a first key common to the receivers and a second key peculiar to the at least one of the receivers, and encrypts the content by using a key shared by the transmitter and the at least one of the receivers to transmit the encrypted content to the at least one of the receivers.

Abstract translation: 根据一个实施例，一种发送方法从至少一个接收机发送认证和密钥交换的开始请求到发送器，对接收机共同的第一个密钥和第二个密钥中的至少一个执行认证和密钥交换 并且通过使用由发射机和至少一个接收机共享的密钥来加密内容，以将加密的内容发送到接收机中的至少一个。

公开(公告)号：US08379845B2

公开(公告)日：2013-02-19

申请号：US12487793

申请日：2009-06-19

Applicant: Shraddha Gondkar ,  Satish Arora

Inventor： Shraddha Gondkar ,  Satish Arora

IPC: H04L9/00

CPC classification number: H04N7/1675 ,  H04L9/065 ,  H04L2209/12 ,  H04N21/2347 ,  H04N21/23473 ,  H04N21/23897 ,  H04N21/26609 ,  H04N21/26613

Abstract: Several methods and a system of multilayer encryption of a transport stream data and modification of a transport header are disclosed. An exemplary embodiment provides a method of a multilayer encryption. The method includes further encrypting an initially encrypted transport stream data to generate a multilayer encrypted data using a processor and a memory. The method also includes determining a further encryption flag data. The encryption method modifies a transport header of the multilayer encrypted data. In addition, the encryption method includes the further encryption flag data in an adapted component of a modified transport header.

Abstract translation: 公开了传输流数据的多层加密和传输报头的修改的几种方法和系统。 示例性实施例提供了多层加密的方法。 该方法包括进一步加密最初加密的传输流数据以使用处理器和存储器生成多层加密数据。 该方法还包括确定另外的加密标志数据。 加密方法修改多层加密数据的传输头。 此外，加密方法包括修改后的传输头部的适应部件中的另外的加密标志数据。

公开(公告)号：US08315382B2

公开(公告)日：2012-11-20

申请号：US12796383

申请日：2010-06-08

Applicant: Jean-Bernard Fischer

Inventor： Jean-Bernard Fischer

IPC: G06F7/04 ,  G06F17/30 ,  H04L9/00

CPC classification number: H04N7/1675 ,  H04N21/2585 ,  H04N21/26609 ,  H04N21/63345

Abstract: A method for monitoring execution of a sequence of data processing program instructions in a security module associated to a multimedia unit connected to a managing center supplying control messages authorizing access to broadcast data streams. The security module comprises a processor for executing the instructions, a memory, and a monitoring module for analyzing the instructions before execution by the processor. The managing center comprises a security module emulator generating reference data sets by executing a sequence of instructions induced by data of a given control message in the program. The reference data sets are appended to control messages sent to the security module. The monitoring module analyzes a sequence of program instructions for determining a check data set which is compared with a reference data set received from the control messages. When the reference and check data sets match, the program continues executing. Otherwise, further control message processing stops.

Abstract translation: 一种用于监视与连接到管理中心的多媒体单元相关联的安全模块中的数据处理程序指令的执行的方法，所述管理中心提供授权访问广播数据流的控制消息。 安全模块包括用于执行指令的处理器，存储器和用于在由处理器执行之前分析指令的监视模块。 管理中心包括安全模块仿真器，通过执行由程序中的给定控制消息的数据引起的指令序列来产生参考数据集。 引用数据集附加到发送到安全模块的控制消息中。 监视模块分析用于确定与从控制消息接收的参考数据集进行比较的检查数据集的程序指令序列。 当参考和检查数据集匹配时，程序继续执行。 否则，进一步的控制消息处理停止。

公开(公告)号：US07965839B2

公开(公告)日：2011-06-21

申请号：US12070464

申请日：2008-02-19

Applicant: Brant L. Candelore

Inventor： Brant L. Candelore

IPC: H04N7/167

CPC classification number: H04N21/44055 ,  H04N21/2347 ,  H04N21/23476 ,  H04N21/26609 ,  H04N21/2665 ,  H04N21/4405 ,  H04N21/4622 ,  H04N21/4623 ,  H04N21/6143 ,  H04N21/835

Abstract: A television content delivery system consistent with certain embodiments has a receiver system that receives television content from a plurality of content suppliers. A selective multiple encrypter selectively multiple encrypts the television content, wherein the resultant selectively multiple encrypted content stream is encrypted under at least one conditional access system (CAS) and at least one digital rights management system (DRMS). A transmitter transmits the selectively multiple encrypted television content stream to multiple receivers, so that the selectively multiple encrypted television content stream can be decrypted under either a system using at least one CAS or at least one DRMS. This abstract is not to be considered limiting, since other embodiments may deviate from the features described in this abstract.

Abstract translation: 与某些实施例一致的电视内容传送系统具有从多个内容供应商接收电视内容的接收机系统。 选择性多重加密器选择性地对电视内容进行加密，其中所生成的选择性多个加密内容流在至少一个条件访问系统（CAS）和至少一个数字版权管理系统（DRMS）下进行加密。 发射机将选择性地多个加密的电视内容流发送到多个接收机，使得可以在使用至少一个CAS或至少一个DRMS的系统的任一系统下对选择性地多个加密的电视内容流进行解密。 该摘要不被认为是限制性的，因为其他实施例可能偏离本摘要中描述的特征。

公开(公告)号：US07480383B2

公开(公告)日：2009-01-20

申请号：US10950328

申请日：2004-09-23

Applicant: Yong-Seong Cho ,  Joon-Young Jung ,  O-Hyung Kwon ,  Soo-In Lee

Inventor： Yong-Seong Cho ,  Joon-Young Jung ,  O-Hyung Kwon ,  Soo-In Lee

IPC: H04L9/00

CPC classification number: H04L9/065 ,  H04L9/0618 ,  H04L2209/12 ,  H04L2209/24 ,  H04L2209/601 ,  H04N7/1675 ,  H04N21/2347 ,  H04N21/23895 ,  H04N21/26609

Abstract: The apparatus and method for scrambling high-rate data is disclosed. The apparatus includes a first storing unit for storing a transport stream (TS) inputted from an external device; a common key (CK) generating unit for generating a CK by receiving a control word (CW) from an external conditional access system (CAS); a key scheduling unit for generating predetermined number of keys (KK)s by receiving the CK from the CK generating unit; a plurality of enciphering units for enciphering the TS transmitted from the first storing unit based on the predetermined number of KKs and the CK; a second storing unit for storing the TS enciphered by the enciphering units and outputting the enciphered TS; and a controlling unit for controlling the multiple enciphering units.

Abstract translation: 公开了用于扰乱高速率数据的装置和方法。 该装置包括：第一存储单元，用于存储从外部设备输入的传输流（TS）; 公共密钥（CK）生成单元，用于通过从外部条件访问系统（CAS）接收控制字（CW）来生成CK; 密钥调度单元，用于通过从CK生成单元接收CK来生成预定数量的密钥（KK）; 多个加密单元，用于基于预定数量的KK和CK来加密从第一存储单元发送的TS; 第二存储单元，用于存储由加密单元加密的TS并输出加密的TS; 以及用于控制多个加密单元的控制单元。

公开(公告)号：US20070206792A1

公开(公告)日：2007-09-06

申请号：US11710491

申请日：2007-02-26

Applicant: Kinya Saito

Inventor： Kinya Saito

IPC: H04N7/167

CPC classification number: H04N21/25875 ,  H04N21/2223 ,  H04N21/231 ,  H04N21/23109 ,  H04N21/2347 ,  H04N21/26606 ,  H04N21/26609 ,  H04N21/2665 ,  H04N21/8355

Abstract: The present invention provides a library apparatus capable of storing one or a plurality of recording media and managing data stored in the recording media. The library apparatus includes access control means for writing data or reading data on/from the recording medium; encrypting/decrypting means for encrypting/decrypting the data processed by the access control means; holding means for holding a processing state of the encrypting/decrypting means; and control means for determining whether the recording medium is in an encrypted state on the basis of the processing state.

Abstract translation: 本发明提供一种能够存储一个或多个记录介质并管理存储在记录介质中的数据的库装置。 库装置包括用于在记录介质上写入数据或读取数据的访问控制装置; 加密/解密装置，用于加密/解密由访问控制装置处理的数据; 保持装置，用于保持加密/解密装置的处理状态; 以及控制装置，用于基于处理状态确定记录介质是否处于加密状态。

公开(公告)号：US20050135617A1

公开(公告)日：2005-06-23

申请号：US10950328

申请日：2004-09-23

Applicant: Yong-Seong Cho ,  Joon-Young Jung ,  O-Hyung Kwon ,  Soo-In Lee

Inventor： Yong-Seong Cho ,  Joon-Young Jung ,  O-Hyung Kwon ,  Soo-In Lee

IPC: H04L9/06 ,  H04L9/18 ,  H04L9/00 ,  H04N7/167

CPC classification number: H04L9/065 ,  H04L9/0618 ,  H04L2209/12 ,  H04L2209/24 ,  H04L2209/601 ,  H04N7/1675 ,  H04N21/2347 ,  H04N21/23895 ,  H04N21/26609

Abstract: The apparatus and method for scrambling high-rate data is disclosed. The apparatus includes a first storing unit for storing a transport stream (TS) inputted from an external device; a common key (CK) generating unit for generating a CK by receiving a control word (CW) from an external conditional access system (CAS); a key scheduling unit for generating predetermined number of keys (KK)s by receiving the CK from the CK generating unit; a plurality of enciphering units for enciphering the TS transmitted from the first storing unit based on the predetermined number of KKs and the CK; a second storing unit for storing the TS enciphered by the enciphering units and outputting the enciphered TS; and a controlling unit for controlling the multiple enciphering units.

Abstract translation: 公开了用于扰乱高速率数据的装置和方法。 该装置包括：第一存储单元，用于存储从外部设备输入的传输流（TS）; 公共密钥（CK）生成单元，用于通过从外部条件访问系统（CAS）接收控制字（CW）来生成CK; 密钥调度单元，用于通过从CK生成单元接收CK来生成预定数量的密钥（KK）; 多个加密单元，用于基于预定数量的KK和CK来加密从第一存储单元发送的TS; 第二存储单元，用于存储由加密单元加密的TS并输出加密的TS; 以及用于控制多个加密单元的控制单元。

公开(公告)号：US20030188164A1

公开(公告)日：2003-10-02

申请号：US10109111

申请日：2002-03-27

Applicant: General Instrument Corporation

Inventor： John I. Okimoto ,  Eric J. Sprunk ,  Lawrence W. Tang ,  Annie On-Yee Chen ,  Bridget Kimball ,  Douglas Petty

IPC: H04L009/00

CPC classification number: H04N21/254 ,  H04N7/163 ,  H04N21/2543 ,  H04N21/26609 ,  H04N21/4181 ,  H04N21/4367 ,  H04N21/4623

Abstract: A system is described for uniquely mating components of a communication network such as a smartcard and a set-top box. When mated, the smartcard and set-top box are tied together and have a single identity. Further, the smartcard operates properly only when inserted into an authorized set-top box. Exchanges of information between both components are secured by encryption and authentication to guard against piracy of the exchanged information. The system provides the same authentication key to the set-top box and the smartcard. This key is used for authenticating communication between the set-top box and the smartcard. First, the authentication key is encrypted by a set-top box mating key. The set-top box employs this mating key to decrypt the authentication key. After it is derived, the authentication key is stored in the set-top box's memory. Further, the same authentication key is encrypted by a smartcard mating key. Thereafter, the smartcard employs the smartcard mating key to extract the authentication key. The clear authentication key is stored in the smartcard's memory as well. In this manner, the authentication key is used for securing all communication between the set-top box and the smart-card. For example, the set-top box may request control words from the smartcard. Only after authenticating the request, are the control words for decrypting digital content provided to the set-top box. If the smartcard authentication key is different from the set-top box key, the request for control words is denied.

Abstract translation: 描述了用于唯一地匹配诸如智能卡和机顶盒之类的通信网络的组件的系统。 当配对时，智能卡和机顶盒被捆绑在一起并具有单一身份。 此外，仅当插入授权的机顶盒时，智能卡才能正常运行。 通过加密和认证来确保两个组件之间的信息交换，以防止所交换信息的盗版。 系统向机顶盒和智能卡提供相同的认证密钥。 该密钥用于认证机顶盒和智能卡之间的通信。 首先，认证密钥由机顶盒配对密钥加密。 机顶盒采用这种配对密钥来解密认证密钥。 导出后，身份验证密钥存储在机顶盒的内存中。 此外，相同的认证密钥由智能卡配对密钥加密。 此后，智能卡采用智能卡配对密钥来提取认证密钥。 清除认证密钥也存储在智能卡的存储器中。 以这种方式，认证密钥用于保护机顶盒和智能卡之间的所有通信。 例如，机顶盒可以从智能卡请求控制字。 只有在认证请求之后，才是解密提供给机顶盒的数字内容的控制字。 如果智能卡认证密钥与机顶盒密钥不同，则拒绝对控制字的请求。

公开(公告)号：US20020087971A1

公开(公告)日：2002-07-04

申请号：US09898172

申请日：2001-07-03

Inventor： Keith R. Cochran ,  John Okimoto

IPC: H04N007/167 ,  H04N007/173

CPC classification number: H04N21/23473 ,  H04N7/165 ,  H04N7/1675 ,  H04N7/17336 ,  H04N21/2347 ,  H04N21/2541 ,  H04N21/2543 ,  H04N21/26606 ,  H04N21/26609 ,  H04N21/4143 ,  H04N21/4405 ,  H04N21/4627 ,  H04N21/47202 ,  H04N21/47211 ,  H04N21/63345 ,  H04N21/63775 ,  H04N21/6405 ,  H04N21/6587 ,  H04N21/8355 ,  H04N21/8549

Abstract: A transaction protocol for communicating between an encryption renewal system communicably coupled to one or more video on demand systems via a communication network. The encryption renewal system permits pre-encrypted content to be accessed by clients of the video on demand systems. The protocol comprises, receiving, by the encryption renewal system, a request transaction document having a first format from the video on demand system; parsing the request transaction document to retrieve data from the request transaction document; generating a request object code in a second format for processing by encryption renewal system, the request object code based on the data in the request transaction document; responsive to processing of the request object code, generating a response object code having the second format; converting the response object code to a response transaction document having the first format; and forwarding the response transaction document to the video on demand system.

Abstract translation: 一种用于通过通信网络可通信地耦合到一个或多个视频点播系统的加密更新系统之间进行通信的交易协议。 加密更新系统允许视频点播系统的客户端访问预先加密的内容。 协议包括：通过加密更新系统从视频点播系统接收具有第一格式的请求交易文档; 解析请求事务文档以从请求事务文档中检索数据; 生成第二格式的请求对象代码，用于由加密更新系统进行处理，该请求对象代码基于请求交易文档中的数据; 响应于所述请求对象代码的处理，生成具有所述第二格式的响应对象代码; 将响应对象代码转换为具有第一格式的响应交易文档; 并将响应交易文档转发到视频点播系统。