Television services now routinely are delivered over both (digital) broadcast network infrastructures and point-to-point communication infrastructures. Hence, a wide range of devices are being used to consume digital television content. A typical TV receiver architecture supporting multiple TV delivery infrastructures is shown in FIG. 1. In particular, the TV receiver 100 is arranged to receive a scrambled data stream from a broadcast network 112 and/or to receive an IP TV stream from the internet 116.
The TV receiver 100 of FIG. 1 has a conditional access (CA) client application 102 with an Application Programming Interface (API, not shown) that connects to an embedded application 104 and to various hardware resources in the TV receiver 100 such as a de-modulator and a de-multiplexer (jointly depicted using reference numeral 106), and a key loader 108. Input/Output (I/O) devices 118 may be used to communicate with the embedded application 104. The API of the CA client 102 can also connect to a smart card 110 coupled to the TV receiver. The smart card 110 implements the key management functions for a specific CA system. These systems are well known. A fairly extensive description of a Conditional Access System is given in EP2334070, the entire contents of which are incorporated herein by reference. Importantly, existing devices have a fixed CA client and updating this software is difficult. Some standards and specifications are available that enable downloadable CA client applications that execute in a virtual machine, but these specifications have not found widespread adoption. The CA client typically processes its CA data (commonly called EMM and ECM streams) from the broadcast signal (so-called in-band CA signalling), where an EMM is an Entitlement Management Message and an ECM is an Entitlement Control Message. So-called out-of-band signalling is known from CA systems operating in a Cable Television network. Here a separate carrier is used to transmit CA data.
The CA client 102 sends an ECM message to the smart card 110. The smart card decrypts the ECM to obtain the control word (CW) and uses the CA client to securely send the CW via the key loader 108 for use by the descrambler 114 of the TV receiver 100. EP2461534, the entire contents of which are incorporated herein by reference, describes a public key based key loader. It also describes other well known key loaders based on symmetric key cryptographic algorithms and that relies on a secret key in the key loader module.
Security systems for content delivery over the internet have traditionally used a fixed content key that is delivered in an encrypted digital content rights container and that is associated with the encrypted digital content file. After the initial delivery, it is not necessary to contact the digital content rights server for later accesses to the encrypted content. These systems also may benefit from using a key loader as described in PCT/EP2011/069263, the entire contents of which are incorporated herein by reference.
The present invention aims to provide an alternative method for enabling a content receiver (e.g. TV received 100) to access encrypted content.