Detailed Description
An embodiment of a smart card access control system incorporating the present invention will be described with reference to the exemplary video signal processing system shown in the block diagram of fig. 1. The system shown in fig. 1 includes signal processing functionality that may be found in a variety of signal processing systems. One particular example is DSS developed by Thomson consumer electronicsDirect broadcast satellite television system.
For pay television services including a smart card based access control system, a user wishing to obtain the service contacts the service provider, pays the service fee and obtains a smart card. The card to the user is provided with initial qualification information and stored in the EEPROM of the card. The entitlement information may include data identifying the user and data specifying the initial access entitlement range (e.g., the duration of the user's payment and/or the particular program). In addition, application-specific key generation software is stored in the card memory.
The entitlement information stored in the card may be remotely modified by the service provider using entitlement management information (EMM) and entitlement control information (ECM) inserted in certain parts of the signal. EMMs include information indicating subscription (long-term access) and pay-per-view (single program access) services that the user has paid for. The EMM may be directed to a specific smart card by including identification information corresponding to the identification information stored in the specific smart card in the EMM data. The ECM includes data such as the initial data required to generate the decryption key. Thus, the signal for a particular program includes an encrypted data component containing video and audio data and a control information component containing EMMs and ECMs.
When a user wishes to access a subscription television service, the smart card 180 of FIG. 1 is inserted into a card reader 190. The card reader 190 couples signals between the smart card 180 and the signal processing channels comprising the units 100 to 170 of fig. 1. In detail, the card reader 190 is connected to 8 terminals (see fig. 2) located on the surface of the smart card 180 as described in ISO standard 7816-2. The connection established by the card reader 190 creates an interface 187 between the smart card 180 and the signal processing channel. In accordance with an aspect of the present invention, which will be described below, the eight signals in interface 187 comprise signal 184, a high speed data input/output (I/O) port of smart card 180, and signal 182, a subset of the ISO standard IC card interface signals.
The desired program or service may be selected by tuning the receiver to the appropriate channel using the tuner 100. The tuner 100 is controlled by a microcontroller 160 based on user input. For example, microcontroller 160 may receive the channel selection signal from a remote control (not shown in FIG. 1) operated by the user. In response to the channel selection signal, the microcontroller 160 generates a control signal to cause the tuner 100 to tune to the selected channel.
The output of tuner 100 is coupled to a Forward Error Corrector (FEC) 110. The FEC 110 monitors error control information, such as parity bits in the tuned signal, for errors and corrects the errors according to an error control protocol. The microcontroller 160 is coupled to the FEC 110 to monitor the signal for the occurrence of errors and to control the handling of errors. The FEC 110 also performs an analog-to-digital conversion (ADC) function that converts the analog output of the tuner 100 to a digital signal at the output of the FEC 110.
The transmit unit 120 processes the signal from the FEC 110 to examine and separate various types of data in the tuned signal. The data in the signal may be arranged into various formats. Fig. 3 shows an example of a data format used as a basis for the following description. The signal shown in fig. 3 comprises a data stream arranged in packets of data bytes, i.e. "packet" data. Each packet is associated with a particular type of information or substream in the data stream for the tuned channel. For example, the signals include program guide packets, control information (e.g., ECM or EMM) packets, video packets, and audio packets. The sub-stream to which a particular packet relates is defined by the data included in the header portion of each packet. The payload portion of each packet includes packet data. The exemplary data format shown in fig. 3 includes two bytes (16 bits) of data in the header and 186 bytes of data in the payload.
The first twelve bits of the header in each packet are Program Identification (PID) data bits. The PID data identifies the data sub-streams associated with the payload data. An example of the information provided by the PID data is as follows:
TABLE 1
| PID value | Payload content |
| 1 | Program guide information |
| 4 | EMM |
| 10 | Video data of channel 101 |
| 11 | Audio data for channel 101 |
Other PID values identify video and audio data for other channels.
As part of the tuning process, the microcontroller 160 references a PID "map" stored in the microcontroller's memory to determine the PID value associated with the tuned channel. The appropriate PID value is loaded into the PID register of the transfer unit 120. For example, when channel 101 is selected, microcontroller 160 accesses the stored PID map, determines that the video and audio data for channel 101 are for PID values 10 and 11, respectively, and loads the values 10 and 11 into corresponding video and audio PID registers in transport unit 120. The PID values in the incoming packets are compared to PID values stored in a PID register to determine the payload content of each packet. The microcontroller 160 can update the PID map data based on the channel-related information of the PID in the "program guide" packet (PID value of 1).
The last four bits of the header of each packet further define the payload content as follows:
TABLE 2
| Title bit | Name of | Function(s) |
| 13 | ECM markers | Indicating whether the payload is an ECM |
| 14 | - | Retention |
| 15 | ENC sign | Indicating whether the payload is encrypted |
| 16 | Secret keyKey sign | Indicating whether the payload key is Key A or Key B |
The ECM flag is valid, e.g. at logic 1, indicating that the payload comprises ECM data, such as the initial data for generating the key. The ENC flag is valid indicating that the payload is encrypted and must therefore be decrypted. The key flag determines which of the two keys a and B is to be used to decrypt the payload (e.g., logic 0 indicates key a and logic 1 indicates key B). The use of the key flag will be described below with reference to fig. 7.
The transfer unit 120 in fig. 1 extracts and processes header data in response to the packet clock signal shown in fig. 3. The packet clock signal is generated by the FEC 110 and synchronized with the data stream. Each transition of the packet clock signal indicates the start of a packet. The transmit unit 120 processes the 16 bits of header data after each packet clock signal transition to determine the destination of the packet payload. For example, the transmitting unit 120 transmits a payload containing EMM (PID value of 4) and ECM to the security controller 183 in the smart card 180 via the microcontroller 160. The video and audio data is directed to a demultiplexer/decryptor 130 for decryption and separation into video and audio signals. Program guide data (PID value of 1) is directed to microcontroller 160 for PID image updates.
The security controller 183 processes EMM and ECM data. To provide access control functions including entitlement management and key generation. The security controller 183 is included in an Integrated Circuit (IC)181 and includes a microprocessor such as the processor 6805 of motorola, inc. Entitlement management involves processing EMM data to determine how and when to update entitlement information stored in IC 181, i.e., add or delete entitlements. The ECM data provides the initial values required by the security controller 183 to generate the decryption key. After the secret controller 183 generates the key, the key is passed via the microcontroller 160 to the decryptor 130 where the encrypted data components of the input signal from the tuned channel, such as video and audio program data, are decrypted. The decryption function may also be provided by a decryptor 185 included in IC 181, in accordance with the principles of the present invention as will be further described below.
The decrypted video and audio data are decompressed in video decompressor 140 and audio decompressor 145, respectively, and the program data is compressed in the program source using any one of a number of well-known data compression algorithms. Decompressors 140 and 145 are the inverse of the compression algorithm.
The outputs of the video and audio decompressors 140 and 145 are coupled to respective video and audio signal processors 150 and 155. The audio signal processor 155 comprises functions such as stereo signal generation and digital/analog conversion for converting the digital output signal in the decompressor 145 into an analog audio output signal AOUT from the processor 155 that can be coupled to a loudspeaker (not shown in fig. 1). Video signal processor 150 also includes digital-to-analog conversion functionality that is capable of converting the digital output of decompressor 140 to an analog video output signal VOUT suitable for display on a display such as a picture tube. Video processor 150 also provides signal conversions requiring the inclusion in signal VOUT of an on-screen display (OSD) signal generated by OSD processor 170. The OSD signal represents, for example, graphical information such as a channel number display to be included in the displayed image. A video switch in video processor 150 multiplexes the OSD signal to the signal VOUT needed to produce the desired display. The operation of OSD processor 170 is controlled by microcontroller 160.
Turning to the access control features of the system shown in FIG. 1, the features and functionality of the smart card 180 may be better understood by referring to the block diagram of the smart card IC 181 shown in FIG. 4. The same reference numbers in fig. 4 as in fig. 1 represent the same or similar features. In FIG. 4, integrated circuit 181 includes security controller 183, which contains Central Processing Unit (CPU)421, RAM 426, ROM 425, EPROM 423, and serial I/O unit 424. The CPU 421 may be a 6805 processor manufactured by motorola, inc. Key generation and entitlement management software is stored in ROM 425 and EFPROM 423.
Data indicating the current entitlement is also stored in the EEPROM 423 and is modified according to the content of Entitlement Management Message (EMM) in the received signal. When the transport processor 120 in fig. 1 detects an EMM packet (packet PID value is 4), the microcontroller 160 in fig. 1 transports the packet payload to the security controller 183 via the serial I/O unit 424. CPU 421 transmits the EMM data in the payload to RAM 426 and CPU 421 processes the EMM data and modifies the entitlement data stored in EEPROM 423 accordingly.
Packet payloads including entitlement control information (ECM) indicated by the validity of the ECM flag in the packet header are transferred from the transfer unit 120 to the security controller 183 via the microcontroller 160 and the serial I/O unit 424. Any type of packet, such as EMM, video or audio, may include ECMs. ECM data is used to generate decryption keys for a particular type of data. For example, the ECM data in an EMM packet is used to generate an EMM decryption key. When transferred to the privacy controller 183, the ECM data is stored in the RAM 426 until processed by the CPU 421. The key generation software stored in EEPROM 423 and ROM 425 is processed by CPU 421 using the ECM data in RAM 426 to generate a particular key. The ECM data provides information such as initial values required by the key generation algorithm. The generated key is stored in RAM 426 until transferred by CPU 421 to decryptor 130 via serial I/O unit 324 and microcontroller 160.
The EMM and ECM data may be encrypted as indicated by an encryption flag ENC valid in the packet header. The encrypted data is sent from the transmission unit 120 to the decryptor 130 for decryption before being transmitted to the security controller 183 for the entitlement management or key generation process. The features and operation of the IC 181 that have been described are common to known smart card systems. However, as described above, the use of a decryption unit (e.g., decryptor 130) external to the smart card can greatly reduce system security and make it inconvenient to change the decryption hardware. The structures shown in fig. 1 and 4 include features that significantly improve privacy over known smart card systems. In detail, the IC 181 of the smart card 180 comprises a decryption unit 185 and a high data rate synchronization interface 184, the latter comprising separate serial data input and serial data output lines. The combination of the decryptor 185 and the interface 184 makes it possible to perform various access control processes within the smart card 180.
In FIG. 1, a card reader 190 couples the ISO standard interface signal 165 from the microcontroller 160 and the high speed interface signal 125 from the transmission unit 120 to the smart card 180 via ports of the smart card interface 187, referenced 182 and 184, respectively. Fig. 4 shows signals included in the interface 187. The ISO standard signals 182 include power, ground, reset, and serial I/O signals in fig. 4 (corresponding to VCC, GND, RST, and I/O in fig. 2B). The high-speed interface signals 184 include high-speed data input and data output signals, packet clock signals, and high frequency (e.g., 50 mhz) clock signals. The ISO standard signal VPP (programming voltage) is replaced by a packet clock signal so that the interface 187 (including high-speed and low-speed interfaces) can be implemented using the 8-contact ISO standard architecture shown in fig. 2A.
Removing the signal VPP does not prevent the system shown in fig. 1 from operating with existing ISO standard smart cards that do not include the decryptor 185 and the high-speed data interface 184. Existing smart cards typically include EEPROM circuitry that does not require a separate programming voltage. The "supply pump" feature generates the required programming voltage from the card supply voltage when programming is required, so for most existing ISO standard smart cards the VPP signal specified by the ISO standard is an "unused" terminal. Using the system with an existing smart card requires modifying the operation of the system and therefore the high speed interface 184 and the decryptor 185 are not used. The required modifications can be implemented by merely changing the control software of the controller 160.
The decryptor 185 operates at a high data rate, also referred to as a first data rate, in response to a high frequency clock signal, while the privacy controller 183 requires a low frequency clock signal (i.e., a second data rate). The high data rate is preferably in excess of 10 mhz. A frequency divider 422 in the IC 181 divides the 50 mhz clock signal to generate a low frequency clock signal suitable for the security controller 183. Thus, the single high frequency clock signal functions as a timing signal for controlling the operations of the security controller 183 and the decryptor 185. The use of frequency divider 422 avoids dedicating 2 of the 8 smart card interface signals to separate the high and low frequency clock signals.
The decryptor 185 includes a transmission decoding unit 472, a PID & ECM filtering unit 474 and an EMM address filtering unit 476 for providing functions similar to those of the transmission unit 120 shown in fig. 1 described above. The high speed data input and data output signals of interface 187 couple a high speed data stream of input signals between transfer unit 120 and decryptor 185. The functionality of the transfer unit 120 is included within the smart card 180 so that the smart card 180 can process incoming data packets at the high data rate of the incoming signal. Both the data input and the packet clock signal are coupled to unit 472.
In response to each transition of the packet clock signal, unit 472 processes 16 bits of header data. The first 12 bits of the header are Program Identification (PID) data assigned to the PID & ECM filtering unit 474. For each type of packet included in the tuned channel, unit 474 compares the PID data of the packet with the PID value stored in unit 474. Similar to the operation of delivery unit 120 described above (see table 1 above and its associated description), PID comparison in unit 474 determines what type of data the payload includes, such as program guide, EMM, video or audio. The PID value identifying the type of packet in the current tuning signal is stored in a register of unit 474. The registers are loaded as part of the tuning process described above for the system shown in fig. 1. In detail, microcontroller 160 accesses the stored PID "map" as described above and transfers the PID value associated with the currently tuned channel to a register in unit 474 via signal 182 and security controller 183 in smart card 180. The transfer of data between the security controller 183 and the functions of the decryptor 185 (e.g. the unit 474) is via a data bus internal to the IC 181 which is not shown in fig. 4.
How the payload data is processed by the smart card 180 is determined by the result of the PID comparison in unit 474 and the 13-16 bit content of the packet header extracted by unit 472. Using the example above with respect to channel 101 (see table 1), the PID data identifies: the micro-controller 160 processes to update program guide data (PID ═ 1) of the PID image, and the security controller 183 processes to modify EMM data (PID ═ 4), video data (PID ═ 10), and audio data (PID ═ 11) qualified. The 13-16 bits of the header control security related operations in the smart card 180 (see table 2 and description thereof). If the 13 th bit (ECM flag) is valid, the payload includes ECM data that requires a key generation process by the security controller 183. If bit 15 (ENC flag) is valid, the payload is encrypted and decrypted in decryption unit 478 in decryptor 185. Bit 16 determines whether key a or key B is used for decryption in unit 478.
The encryption status bit ENC determines how the decryption unit 478 processes the payload data. The unencrypted payload data passes unchanged from the high speed data input of the smart card 180 to the high speed data output via the decryption unit 478. The encrypted data is decrypted by unit 478 at the data rate. The decrypted video and audio data is transmitted to the high speed data output of the smart card 180. In each decrypted audio or video packet, the ENC bit in the packet header is set to a logic "0" indicating that the packet is "clear," i.e., decrypted.
To ensure that unauthorized users do not access data associated with the entitlement or key to decrypt, the decrypted EMM or ECM data is not sent out of the smart card 180 via the high speed data output. One approach for smart cards is to simply remove the EMM or ECM data components from the data stream at the output of the smart card. However, by monitoring changes occurring in the data stream between the data input and output of the smart card 180, a hacker can obtain useful information about the processes occurring in the smart card 180. For example, a hacker may assume that the information removed from the data stream by the smart card belongs to a service associated with the smart card.
This problem is overcome by setting the ENC bit to a logic 1, so that the original encrypted EMM or ECM control information component passes from the high speed data input through the smart card 180 to the high speed data output. More specifically, a first signal component of the input signal, such as encrypted ECM or EMM control information, is processed (e.g., decrypted) with a decryptor 478 to produce a first processed signal such as decrypted data required for key generation. Information such as key information in the first processed signal is used by decryptor 478 to process the second component of the input signal to produce a second processed signal representing, for example, decrypted video or audio data. The first signal component of the input signal is combined with the second processed signal to produce an output data stream from the smart card 180. Thus, for example, encrypted entitlement information in the input signal may be decrypted and used by the smart card 180, but the corresponding data at the output is unchanged, thereby reducing the information that may be obtained by a hacker monitoring the data stream.
To further obscure the nature of the processing occurring in the smart card 180, the original components of the input signal are delayed before being re-inserted into the output data stream. This delay ensures that the timing relationship between the encryption control information (e.g., EMM and/or ECM) and the decrypted data (e.g., video and/or audio data) in the data output signal of the smart card 180 is substantially the same as the timing relationship between the encryption control information and the encrypted data in the data input signal of the smart card 180. As a result, it is more difficult for hackers to determine characteristics of smart card 180, such as internal decryption latency, by monitoring the data stream.
In fig. 4 the original encrypted data is delayed and re-inserted into the data stream via first-in-first-out (FIFO) memory 477 and router 479. The input data signal to FIFO 477 is the signal at the data input of decryptor 478. The delay through FIFO 477 can be adjusted by control processor 183 to provide a delay through FIFO 477 that corresponds to the particular decryption algorithm being executed in decryptor 478. For example, the delay through the FIFO 477 may be increased or decreased by storing more or less data in the FIFO, respectively, before starting to read data out of the FIFO. Router 479, under the control of control processor 183, combines the delayed data from FIFO 477 with the decrypted data from decryptor 478 to produce a data output signal from smart card 180. The router 479 may comprise a multiplexer for selectively coupling either the output of the FIFO or the output of the decryptor to the data output of the smart card 180 in response to control signals provided by the control processor 183.
The EMM and ECM data decrypted in the decryption unit 478 are temporarily stored in the RAM 426 of the security controller 183 until they are subjected to the entitlement management and key generation processing by the security controller 183. The transmission unit 120 in fig. 1 receives data (either unchanged or decrypted) from the high-speed data output terminal of the smart card 180. The PID value of each packet is checked and the payload is passed to the appropriate functional device of fig. 1 (e.g., microcontroller 160 or decompressors 140 and 145) for further processing.
The operation of the smart card 180 is controlled by commands of the microcontroller 160 in fig. 1, which are transmitted to the smart card 180 via the ISO standard serial interface. In practice, microcontroller 160 is the master processor and security controller 183 is the slave processor. For example, microcontroller 160 transmits PID information to smart card 180 and instructs the smart card to decrypt the data in the corresponding data stream. For the appropriate type of data processing, such as qualification processing, key generation, and decryption, the security controller 183 responds by checking the qualification and configuring the smart card 180. In addition, the microcontroller 160 requests status information regarding whether decryption is in progress. The command is transmitted to the security controller 183 in the smart card 180 through the serial I/O terminal. Any response required by the command is returned to microcontroller 160 via the serial I/O terminal. Thus, the serial I/O signals function as control signals between the system and the smart card 180, while the high speed data interface provides high speed input and output data signals between the card and the system.
The serial communication between the microcontroller 160 and the smart card 180 is performed according to the protocol provided in ISO standard 7816-3. The smart card informs the system of the prescribed protocol to be used by sending a protocol type number T to the system. In detail, when a card is inserted into the card reader, the card reader supplies power to the card and resets the card by activating a reset signal. The card responds to the reset signal with a "reset acknowledge" data sequence as specified in ISO standard 7816-3 section 6. The answer to the reset comprises an interface byte TDi, the four least significant bits of which define the protocol type number T (see ISO standard 7816-3, section 6.1.4.3).
The protocol type of the system shown in fig. 1 is type T-5. The protocol is classified as "reserved" in the ISO standard, i.e. it is not currently defined. For the system shown in FIG. 1, protocol type 5 is the same as protocol type 0 (the asynchronous half-duplex protocol defined in section 8 of ISO Standard 7816-3), except for the way the baud rate of the serial I/O is determined. Serial I/O at the card interface proceeds at a rate determined according to table 6 as per ISO standard 7816-3. The baud rate calculation is based on the clock rate of the security controller 183. For existing smart cards, the clock frequency of the security controller 183 is equal to the clock frequency fs at the clock pin of the card. As shown in fig. 4, the smart card 180 includes a divider 422 for dividing the rate Fin of the high speed data input clock by a factor of N, i.e., Fin/N, to establish a clock rate for the privacy controller 183. Thus, for protocol type 5, table 6 of ISO standard 7816-3 is modified by defining fs ═ Fin/N.
All commands of the type 5 protocol are initiated by the microcontroller 160 as when the protocol type is 0. The command starts with a 5-byte header that includes a one-byte instruction class identifier (CLA), a one-byte Instruction (INS), a two-byte parameter (P1, P2) (e.g., address), and a one-byte number (P3) that defines the number of bytes of data that will follow the header as part of the command. For the system shown in fig. 1, the parameters P1, P2 are not needed, so these bytes are "irrelevant". The command thus has the following form:
CLA | INS | - | -P3 | data (P3 bytes)
The commands recognized by the smart card 160 include a status command and a PID transfer command. The smart card 160 responds to status commands from the microprocessor 160 by providing the processing status of the card, e.g., whether the card has completed key generation or whether the card is decrypting data. The microcontroller 160 employs a PID transmit command to transmit a PID number associated with the tuned channel. Other commands, such as a command to transfer EMM and ECM data, a command related to a key, and a "purchase offer" command are also possible, as will be explained below.
The operation of the smart card 180, and in particular the decryptor 185, will be described in more detail below with reference to fig. 5-8. When a new channel is tuned, microcontroller 160 transfers the PID value of the new channel from the PID map to smart card 180, as shown in fig. 5. PID data transfer is performed using one PID transfer command comprising N PID values, where N is specified in byte P3 of the command header. The command and PID values are transmitted via the serial data terminal of the smart card 180 and the serial input/output unit 424. CPU 421 receives the PID value and directs the data to the appropriate PID register in register 474 of decryptor 185.
Before the signal can be decrypted, the user must be entitled to access and the correct key must be loaded into the decryptor 185. After transmitting the PID data to the smart card 180, the security controller 183 compares the PID value with the qualification data stored in the EEPROM 423 to see whether the user is qualified to access the tuned channel. Assuming the user is qualified, the next step is key generation. Key generation includes processing ECM data. The ECM must be received and processed to generate the key before the audio and video data can be decrypted. The purpose of encrypting the ECM data is to reduce the possibility of unauthorized key generation. When the card is issued, a key for decrypting the ECM is stored in the EEPROM 423 of the card. As shown in fig. 6. The ECM key is transferred by CPU 421 from EEPROM 423 to an ECM key register in decryption unit 478.
If the user is not eligible to access the tuned channel, then the eligibility must be received before key generation and decryption can occur. The entitlement may be received via an EMM. The "address" identifying a particular smart card is stored in the card's EMM address unit 476 at the time of card issuance. The service provider may direct the EMM to a specific card by means of address information included in the EMM. The smart card compares the address information in the EMM with the card address stored in unit 476 to detect the EMM information directed to the card. If the user is not qualified, the security controller 183 configures the card for EMM processing in the case where EMM data is received.
In the case of an ECM key, the issued card stores an EMM key in EEPROM 423. In fig. 6, the EMM key is transferred by CPU 421 from EEPROM 423 to an EMM key register in decryption unit 478. The encrypted EMM data of the transmission unit 120 of fig. 1 is input into the card via the high-speed data input port. After checking the EMM address in element 476, the EMM data assigned to the card is decrypted in decryption element 478. The decrypted EMM data is temporarily stored in RAM 426 and processed by CPU 421 to update the entitlement data stored in EEPROM 423.
After the PID values are loaded, the entitlement is present, the ECM keys are in place in the decryptor 185, and the card is ready to decrypt the ECM data and generate the audio and video keys. In fig. 7, ECM data in the signal is received by smart card 180 via a high speed data input and detected by transport decoder 472. The ECM data is directed to decryptor 478 where the previously loaded ECM key is used to decrypt the ECM data. Decrypted ECM data is transferred from decryptor 478 to RAM 424. When the decrypted ECM data is available, CPU 421 executes a key generation algorithm stored in EEPROM 423 and ROM 425 to generate video and audio keys using the decrypted ECM data in RAM424, the generated keys being passed to appropriate video and audio key registers in decryptor 478.
As shown in fig. 7, decryptor 478 includes two key registers for video, video keys a and B, and two key registers for audio, audio keys a and B. Whether key a or key B is used to decrypt a particular packet is determined by the key flag in the packet header (see table 2 above). The use of the "multi-key" feature allows a new key to be generated when an existing key is used to decrypt data. Processing the ECM data in the security controller 183 to generate a new key and transfer the new key to the key register in the decryptor 478 requires a sufficient number of instruction cycles in the CPU 421. If decryption is suspended while the new key is generated and transmitted, the processing delay may require someone viewing the program to view the decrypted image until the new key is in place in decryptor 478. Having both key registers a and B allows the use of a key in one key register (e.g., key register a) to decrypt data while generating a new key that is loaded into a second key register (e.g., key register B). After key generation is initiated by sending ECM data, the service provider waits a period of time sufficient to ensure that key B is generated in decryptor 478 before the encrypted packets take on the new key B. The key flag informs the decryptor 185 when to start taking new keys.
After the operations shown in fig. 5, 6, and 7, the decryption key 478 has been activated. It has all the key information needed to process the data encrypted in the tuned channel, including EMMs, ECMs, video and audio data. Fig. 8 shows a signal flow when data processing is performed. Encrypted data enters the smart card 180 via the high speed serial data input, which is decrypted in decryptor 478 using the previously loaded key. For example, if the transfer unit 472 determines from the header of an incoming packet that the payload data is video data associated with video key a, the packet payload is decrypted in the decryptor 478 using video key a. The decrypted data is output directly from smart card 180 via a high-speed serial data output. Note that the data processing in fig. 8 does not require interaction between the decryption unit 185 and the privacy control unit 183, which allows the decryptor 478 to process data at a high data rate of an input signal.
The key generation in combination with the decryption feature of the decryption unit 478 in the security controller 183 provides the smart card 180 with full possibilities of handling encrypted signals, which may be implemented using a variety of algorithms, including the Data Encryption Standard (DES) algorithm and the Rivest-Shamir-adleman (rsa) algorithm. By providing various access controls related to processes in the smart card 180, security related data (e.g., key data) need not be transferred outside of the smart card 180. As a result, the security performance is significantly improved compared to systems employing decryptors external to the smart card.
Although it is advantageous to use a decryptor 185 within the smart card 180, an external decryptor, such as decryptor 130 in fig. 1, may also be used. An external decryptor may be required to implement the described smart card in compatibility with existing pay-tv systems that generate a key in the smart card 180 and transfer the key to the decryptor 130. On the other hand, both the decryptor 185 and the decryptor 130 may be used. For example, the signal may be twice encrypted using two different keys to enhance privacy. A twice encrypted signal can be decrypted using the system shown in fig. 1, with the following steps: the signal is decrypted once in the decryptor 185 using the first key, the partially decoded data is transmitted to the decryptor 130, and the signal is decrypted a second time in the decryptor 130 using the second key. The second key is generated in the smart card 180 and transmitted to the decryptor 130.
For applications that include decryptor 130 (i.e. applications where key data is transferred outside of smart card 180), commands are provided to transfer key data between controller 160 and smart card 180 via the serial I/O interface. For example, the microcontroller 160 sends ECM data to the smart card in a command, and requests the status of key generation with a status command. After the status data indicates that key generation is complete, another command requests the key data, and the card responds by sending the key data to the controller 160. The key is thus transmitted to the decryptor 130.
Various modifications may be made to the described embodiments. For example, it will be apparent to those skilled in the art that the present invention may be applied to other signals and systems than those described. For example, video systems and video signal protocols other than that shown in FIG. 3 have the DSS described aboveSatellite systems and High Definition Television (HDTV). Access control systems of the type described may also be employed in signal processing systems such as cellular telephone systems where processing qualification may include determining whether a user is authorized to access a cellular telephone system and, if so, processing encrypted cellular telephone signals.
Applications such as cellular telephone systems include the generation of outgoing signals in addition to processing incoming signals. Generating the outgoing signal requires encryption. The smart card can encrypt data if appropriate encryption software is stored in the EEPROM and ROM of the smart card 180. Thus, the present invention is applicable to signal source applications such as "headend" applications in a telephone system or cable television system. These and other modifications are within the scope of the following claims.