公开(公告)号：WO2010063532A1

公开(公告)日：2010-06-10

申请号：PCT/EP2009/064767

申请日：2009-11-06

Applicant: IRDETO ACCESS B.V. ,  SCHIPPER, Robert

Inventor： SCHIPPER, Robert

IPC: H04N7/167 ,  H04N5/00 ,  G06F21/00

CPC classification number: H04N7/1675 ,  H04N7/163 ,  H04N21/26606 ,  H04N21/4181 ,  H04N21/4623 ,  H04N21/63345

Abstract: The invention relates to content decryption device for receiving a signal comprising encrypted content data and conditional access data. The conditional access data comprises one or more first keys. The content data is encrypted under one or more second keys. The device is configured for communicating with a secure module. The device comprises a signal input for receiving the signal from a head-end system and is configured for providing at least a portion of the conditional access data to the secure module to obtain the one or more first keys from the conditional access data. The device also has a decrypter, preferably a hardware descrambler, comprising a signal input for receiving at least the encrypted content data. The decrypter is configured for decrypting the encrypted content data under the one or more second keys to provide decrypted content data. A key provider, preferably a hardware component, is provided in the device configured for receiving the one or more first keys from the secure module and for providing the one or more second keys to the decrypter using the one or more first keys.

Abstract translation: 本发明涉及用于接收包括加密内容数据和条件访问数据的信号的内容解密装置。 条件访问数据包括一个或多个第一密钥。 内容数据在一个或多个第二密钥下被加密。 该设备被配置为与安全模块进行通信。 该设备包括用于从头端系统接收信号的信号输入，并且被配置用于将条件访问数据的至少一部分提供给安全模块以从条件访问数据获得一个或多个第一密钥。 该设备还具有解密器，优选地是硬件解扰器，其包括用于至少接收加密的内容数据的信号输入。 解密器被配置用于在一个或多个第二密钥下解密加密的内容数据以提供解密的内容数据。 设备中的关键提供者，优选地是硬件组件，被配置为从安全模块接收一个或多个第一密钥，并且使用一个或多个第一密钥向解密器提供一个或多个第二密钥。

公开(公告)号：WO2002102075A1

公开(公告)日：2002-12-19

申请号：PCT/IB2002/002138

申请日：2002-06-06

Applicant: KONINKLIJKE PHILIPS ELECTRONICS N.V. ,  SCHIPPER, Robert

Inventor： SCHIPPER, Robert

IPC: H04N7/16

CPC classification number: H04L63/0442 ,  G11B20/00086 ,  G11B20/00188 ,  G11B20/0021 ,  G11B20/00231 ,  G11B20/0084 ,  H04L63/0853 ,  H04L2463/101 ,  H04N5/913 ,  H04N7/163 ,  H04N7/1675 ,  H04N21/26606 ,  H04N21/4181 ,  H04N21/42646 ,  H04N21/4325 ,  H04N21/4623 ,  H04N2005/91364

Abstract: Device (120), smart card (300) and method for selectively supplying access to a service (202) encrypted using a control word. A service (202) is received with an entitlement control message (ECM) (203) comprising authorization data and a specifier of a validity period of the authorization data. The service is decrypted only if the ECM (203) is found valid. The service (202) can be stored on a storage medium such as a DVD. An ECM transcoding module (211) obtains the authorization data from the ECM (203) supplies to writing means (215) a device-specific ECM comprising the authorization data. The device-specific ECM may be encrypted with a key specific to the device (120) and/or comprise an identifier for the device (120).

Abstract translation: 设备（120），智能卡（300）和用于选择性地提供对使用控制字加密的服务（202）的访问的方法。 接收具有授权数据和授权数据的有效期的说明符的授权控制消息（ECM）（203）的服务（202）。 只有当ECM（203）被发现有效时，该服务被解密。 服务（202）可以存储在诸如DVD的存储介质上。 ECM代码转换模块（211）从ECM（203）获取授权数据，供应给写入装置（215）包括授权数据的设备专用ECM。 特定于设备的ECM可以用特定于设备（120）的密钥加密和/或包括设备（120）的标识符。

公开(公告)号：WO2005048603A1

公开(公告)日：2005-05-26

申请号：PCT/IB2004/052300

申请日：2004-11-04

Applicant: KONINKLIJKE PHILIPS ELECTRONICS N.V. ,  SCHIPPER, Robert ,  VAN DOMMELEN, Erwin, J.

Inventor： SCHIPPER, Robert ,  VAN DOMMELEN, Erwin, J.

IPC: H04N7/167

CPC classification number: H04N21/4181 ,  G06Q20/1235 ,  G06Q20/388 ,  G07F7/1008 ,  H04N21/2347 ,  H04N21/26606 ,  H04N21/4405 ,  H04N21/44236 ,  H04N21/4623

Abstract: A data stream contains content data that can be decrypted using control words. ECM messages that are included in the stream and contain the control words that is required for decrypting nearby content data. EMM messages contain management information for entitling selected stream receiving devices to decrypt content data from the data stream using control words from ECM messages. Further management information is included in at least some of the the ECM messages. The secure device detects the further management information when the control words are supplied and tests whether the further management information is targeted at the stream receiving device (12). If so the secure device indefinitely disables subsequent decryption of at least part of the stream in the stream receiving device (12). In one embodiment, the further management information is targeted by means of a specified condition on entitlement information stored in the secure device. The secure device tests whether any of it's entitlement information meets this condition and, if so, disables supply of valid control words.

Abstract translation: 数据流包含使用控制字解密的内容数据。 包含在流中并包含解密附近内容数据所需的控制字的ECM消息。 EMM消息包含管理信息，用于使用所选择的流接收设备从ECM消息中使用控制字从数据流中解密内容数据。 至少一些ECM消息中包含进一步的管理信息。 当提供控制字时，安全装置检测另外的管理信息，并测试进一步的管理信息是否针对流接收装置（12）。 如果是这样，则安全设备无限期地禁止流接收设备（12）中的流的至少部分的后续解密。 在一个实施例中，通过存储在安全设备中的授权信息的指定条件来定位另外的管理信息。 安全设备测试其任何授权信息是否符合此条件，如果是，则禁用有效控制字的提供。