The invention relates to a system for broadcasting data signals in a secure manner, comprising means for encrypting the data signals using a first key, means for broadcasting the encrypted data signals to subscribers, means for decrypting the encrypted data signals at each of the subscribers using the first key, means for encrypting the first key using a second key, said second key being different for each group of subscribers having a common interest in a type of programs, means for broadcasting the encrypted first key to all subscribers, means for decrypting the encrypted first key at each of the subscribers using the second key.
Such a system can be used for example in a pay-TV system. A system of this type is disclosed in U.S. Pat. No. 4,531,020. For security reasons it would be desired to change the second key rapidly. In the known system this would however require a large amount of data to be distributed to the subscribers in the system. Distributing a large amount of data for changing the keys reduces the availability of bandwidth for broadcasting program signals and the like. Therefore the second key is changed at a very low rate of each month or even less.
It is an object of the invention to provide a system of the above-mentioned type, wherein the second key can be changed relatively rapidly without requiring the distribution of a large amount of data.
According to the invention the system of the above-mentioned type is characterised in that said second key is a combination of a key common to all subscribers and a difference key which is unique per type of programs, wherein means are provided for encrypting the common key and for broadcasting the encrypted common key to all subscribers and means for decrypting the encrypted common key at each of the subscribers.
In this manner the second key can be changed very rapidly by changing the common key which is common to all subscribers so that only one key for the complete system needs to be distributed.
Preferably the system comprises means for changing the common key at a relatively high rate.
The system of the invention further shows the advantage that a different key hierarchy can be used for entitlements and security, repectively. At the entitlement level the second key is different for each group of subscribers having a common interest in a specific type of programs, such as sports, film etc. The difference in second keys is obtained by providing different difference keys for each type of program or individual program etc. The security structure however can be structured to eliminate pirate smart cards as soon as possible. According to the invention said means for encrypting and decrypting the common key, respectively, include a chain of encrypting and decrypting means, respectively, each next encrypting and decrypting means operating in a manner common to a smaller number of subscribers.
In this manner the group including the pirated smart card can be found relatively easily.
The invention further provides a system for decrypting encrypted data signals in a broadcasting system with a number of subscribers, comprising means for decrypting the encrypted data signals using a first key, means for decrypting the encrypted first key at each of the subscribers using a second key, said second key being different for each group of subscribers having a common interest in a type of program, characterized in that said second key is a combination of a key common to all subscribers and a difference key which is unique per type of programs, wherein means are provided for decrypting the encrypted common key at each of the subscribers.