As is well known in the field of digital pay television, a digital data stream, for example an audio/video stream, is broadcast towards user units in encrypted form in order to control the use of this data and to define the conditions for this use. This encryption is achieved using control words that are changed at regular intervals (typically between 5 and 30 seconds, although notably longer intervals may be used) in order to deter any attack aiming to discover the control word.
In order for the receiving user unit to be able to decrypt the encrypted data stream with these control words, the latter are sent independently of the stream in entitlement control messages (ECM). In the existing systems, these entitlement management messages are broadcast in encrypted form, the encryption key pertaining to the transmission system between a management centre and the user unit. In fact, the security operations are carried out in a security module (SC) of the user unit.
As is well known to the person skilled in the art, the security module can essentially be realized in four distinct forms. One of these forms is a microprocessor card, a smart card, or more generally an electronic module (taking the form of a key, a badge, ...). Such a module is generally removable and connectable to the decoder. The form with electric contacts is the most widely used, but a contactless connection, for example of the ISO 14443 type, is not excluded.
A second known form is that of an integrated circuit box, generally placed definitively and irremovably in the decoder. An alternative is made up of a circuit mounted on a base or connector such as a SIM module connector.
In a third form, the security module is integrated into an integrated circuit box also having another function, for example in a descrambling module of the decoder or in the microprocessor of the decoder.
In a fourth embodiment, the security module is not realized as hardware, but its function is implemented only in software form. Given that in the four cases, the function is identical although the security level differs, we can talk about a security module regardless of the way in which its function is carried out or the form that this module may take.
A control message (ECM) does not only contain the control word but also the conditions required for this control word to be sent back to the receiver/decoder.
At the time of the decryption of a control message (ECM), it is verified, in the security module (SC), if the right to access the stream is present. This right can be sent by entitlement management messages (EMM) that load this right into the security module.
The control word is only returned to the user unit when the comparison is positive. This control word is contained in a control message ECM that is encrypted by a transmission key.
In order for the right to be present in the security module, it is generally loaded into this module by an authorization message (EMM) which, for security reasons, is generally encrypted by a different key, called the right key (RK).
According to a known form of Pay-TV diffusion, the three following elements are necessary to decrypt an event at a given time:
- the data related to the event encrypted by one or a plurality of control-words (CW),
- the control message(s) ECM containing the control-words (CW) and the access conditions (AC),
- the corresponding right stored in the security module allowing the verification of said access conditions.
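The ECM/EMM flow described above, as an added example that is not part of the original text: a minimal security-module model in which an EMM sealed under the right key loads a right, and an ECM sealed under the transmission key yields its control word only if the access condition matches a stored right. The class and function names, the JSON message layout, the "SPORT" access condition and the SHA-256/HMAC construction are assumptions chosen for illustration; the toy cipher stands in for whatever cipher a real conditional access system uses.

```python
import hashlib, hmac, json, os

def _sub(key, label):
    # Separate encryption and MAC subkeys derived from one message key.
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # Toy SHA-256 counter keystream; a stand-in, not a real CA cipher.
    ks = b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(key, fields):
    nonce = os.urandom(12)
    ct = _xor_stream(_sub(key, b"enc"), nonce, json.dumps(fields).encode())
    return nonce + ct + hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    good = hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("message was not produced under this key")
    return json.loads(_xor_stream(_sub(key, b"enc"), nonce, ct))

class SecurityModule:
    def __init__(self, transmission_key, right_key):
        self._tk, self._rk, self._rights = transmission_key, right_key, set()

    def process_emm(self, emm):
        # EMM, protected by the right key RK, loads a right into the module.
        self._rights.add(unseal(self._rk, emm)["right"])

    def process_ecm(self, ecm):
        # ECM, protected by the transmission key, carries CW + access conditions.
        msg = unseal(self._tk, ecm)
        if msg["ac"] not in self._rights:
            return None                      # comparison negative: CW withheld
        return bytes.fromhex(msg["cw"])      # comparison positive: CW returned

def demo():
    tk, rk, cw = os.urandom(16), os.urandom(16), os.urandom(8)  # constructed values
    sm = SecurityModule(tk, rk)
    ecm = seal(tk, {"cw": cw.hex(), "ac": "SPORT"})
    before = sm.process_ecm(ecm)             # no right loaded yet
    sm.process_emm(seal(rk, {"right": "SPORT"}))
    return cw, before, sm.process_ecm(ecm)
```

Because the EMM is checked against the right key only, a message sealed under the transmission key cannot load a right into the module.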
Accounting for the use of audio video content or other conditional access data is today based on the principle of subscription, on the purchase of events or on payment by time unit.
Subscription allows the definition of a right associated to one or more channels or services transmitting the content and allows the user to obtain these services in clear if the right is present in his/her user unit.
Although these systems work very well and are widely implemented, the management of a large variety of different access conditions can be quite complex. In the known systems using an encrypted data stream, entitlement control messages ECM and entitlement management messages EMM, a conditional access kernel is required. This conditional access kernel implies a complex system and great reliability in order to ensure a high level of security.
One object of the invention is to simplify the system while ensuring at least the same level of security as in prior art systems.
Another drawback with prior art inventions is that the management center must be certain that almost all of the authorized user units received the entitlement management messages. Therefore, the messages must be sent several times, which requires considerable bandwidth.
An object of the present invention is to enable the authorized users to access conditional access data while using a smaller bandwidth.
In the prior art inventions, when a user unit receives a control word, it needs time to decrypt it and to access the encrypted data. When a user watches one channel, this is usually not a drawback as generally, two control words are sent simultaneously: one for the current cryptoperiod and one for the next cryptoperiod. The next control word can thus be decrypted while the current one is used.
However, when a user changes the channel, prior art systems may require quite a long time before the content may be decrypted and displayed.
An object of the invention is to lower the waiting time when the user changes the channel he/she is watching.
An attempt to achieve the objects of the invention is described in EP0 528 730. In the invention described in this document, a content to be sent to several users is split into several blocks. A root control word is used together with a key pertaining to each concerned user unit to form a personal control word. This personal control word is used to encrypt the blocks of content. Thus, each block is specific to the user for which it is intended and it cannot be used by another user.
This method could be of interest when the data to be sent is of small size. If this is not the case, as for example when the content is a pay-TV audio/video file, this method would not be applicable, or only with difficulty, as it would involve sending a great amount of data to each user.
In other prior art documents, such as for example FR 2 895 865, the solution to prevent a fraudulent user from having access to conditional access content is to authenticate each user prior to sending him/her content. Once the user is authenticated, the audio/video data as well as the ECM containing the control word are identical for each user.