Conditional access systems for digital video broadcast (DVB) transmissions are well known and widely used in conjunction with pay television services. Such systems provide secure transmission of a broadcast stream comprising one or more services to a digital receiver contained for example in a set-top box or a mobile terminal supporting broadcast services. To protect the broadcast services from unauthorized viewing, the data packets are scrambled (encrypted) at the transmitter side with a randomly generated encryption key commonly referred to as a control word. Further security may be provided by periodically changing the control words so they are only valid for a certain period (a so-called crypto period). In that case, for each crypto period the receiver side should be provided with a new control word. Typically these control words are transmitted in encrypted form to the receiver using so-called entitlement control messages (ECMs).
The distribution of periodically changing control words to authorized receivers may be implemented in various ways. The current DVB standards, such as the DVB SimulCrypt as described in ETSI TS 103.197 V1.4.1 of March 2007, describe an in-band control word distribution scheme wherein control words are distributed to the receiver by a head-end system which is configured to multiplex one or more streams of TV service data with associated streams of ECMs into an MPEG-2 transport stream and to transmit the transport stream to a receiver infrastructure.
In the receiver an ECM is filtered out of the transport stream and sent to a trusted computing environment, e.g. a smart card. The smart card subsequently decrypts the ECM using a higher-level key, which is common to all smart cards that are authorised to receive the TV channels associated with that key. The control word is returned to the receiver, which immediately loads the control word into the descrambler for descrambling data. Hence, the reception of an ECM by the receiver initiates an ECM processing cycle (i.e. the transmission of an ECM to the smart card, its decryption and the return of a control word CW to the receiver).
The ECM processing cycle, which relies on a one-to-one relationship between an ECM and a control word, limits the rate at which the receiver may be updated with control words.
When fast update cycles are required in order to increase security, the conventional ways of ECM processing within a receiver are therefore no longer suitable.
Moreover, some applications associated with multi-program transport streams require parallel and real-time descrambling of two or more services in one transport stream or in two or more different transport streams. In that case, for each crypto period new ECMs for each program stream should be processed by the smart card within a relatively short time frame. Given the limitations of the processing power, the I/O bandwidth and the storage capacity of a (single threaded) smart card, the throughput of ECMs required for descrambling multiple services may be affected thereby causing undesired service interruptions and/or errors.
US2008/0137850 describes a method for descrambling an MPEG-2 stream wherein multiple CWs associated with multiple PID channels (e.g. audio and video) are sent in a generic key packet to the CA receiver. This documents however does not describe a scheme for an efficient control word generation for scrambling multiple program streams and/or for use with multiple conditional access systems.
Hence, there is a need in the art for methods and systems allowing improved schemes for scrambling data and processing control words in a conditional access system.