In systems that include secure communications, including conditional access systems as are well known in the art, there is a well-known problem of “hackers” who attempt to access secured communications in an unauthorized manner.
One particular hacker attack and a system for frustrating such a hacker attack is described in U.S. Pat. No. 5,590,200 to Nachman et al, the disclosure of which is hereby incorporated herein by reference. The disclosures of all references referred to in U.S. Pat. No. 5,590,200 are also hereby incorporated herein by reference.
Briefly, the system of Nachman et al is intended to frustrate a particular type of hacker attack known as “the McCormac hack”. In the particular context of conditional access systems for television in which the McCormac hack was developed, the McCormac attack may be understood as follows.
Prior art systems typically include an ICAM (Integrated Conditional Access Module), typically comprised in a set top box (STB), in communication with a security element such as a smart card. (It is appreciated that some prior art systems may perform similar functions without having an ICAM). In prior art systems, as is well known in the art, the ICAM receives an Entitlement Control Message (ECM), typically but not necessarily by broadcast. The ECM includes information necessary to generate a Control Word (CW) used for descrambling content such as broadcast content. The ICAM passes the ECM to a secure computation unit, typically comprising a removable security element such as a smart card, where the ECM is processed, typically using a secret cryptographic function, to obtain the CW. The smart card then passes the CW back to the ICAM, which in turn passes the CW to other components of the STB for use in descrambling the content. Typical prior art systems are described in U.S. Pat. Nos. 5,282,249 and 5,481,609 to Cohen et al and in U.S. Pat. No. 6,178,242 to Tsuria, the disclosures of which are hereby incorporated herein by reference.
It is well known in the prior art that the smart card is specifically designed to return a valid CW only to users who are authorized to view a particular piece of content, or a particular service, associated with the ECM.
Briefly, the McCormac hack comprises a method for listening in to or “sniffing” the communications between the ICAM and the smart card, and in particular for capturing the CW being returned to the ICAM by the smart card. In the McCormac hack, the CW is then broadcast to other set top boxes, including set top boxes which are not authorized to view the content associated with the ECM. While the original McCormac hack was described in terms of radio broadcast of the CW, the inventors of the present invention believe that other distribution methods, including distribution via a network such as the Internet or distribution via local coaxial cable associated with a pay television system, may also be used in the McCormac hack and that these other methods may be more practical and easier to use. Therefore, the inventors of the present invention believe that the McCormac hack may now be a more serious threat than previously supposed.
The system of Nachman et al provides a particular system for frustrating the McCormac hack. The inventors of the present invention believe that there are some drawbacks in the system of Nachman et al. In particular, the system of Nachman et al, if implemented in an existing broadcast system, for example, would require changes in the broadcast headend. Furthermore, the system of Nachman et al would require extra bandwidth, as opposed to earlier prior art systems, in order to send ECMs in accordance with the system of Nachman et al. One example of an earlier prior art system in this context is described in U.S. Pat. Nos. 5,282,249 and 5,481,609 to Cohen et al, mentioned above and incorporated herein by reference.
The following U.S. Provisional Patent Applications, from which the present application claims priority, are hereby incorporated herein by reference:
U.S. Provisional Patent Application Ser. No. 60/322,053 of Halperin et al, filed 13 Sep. 2001; and
U.S. Provisional Patent Application Ser. No. 60/382,488 of Halperin et al, filed 22 May 2002.
The disclosures of all references mentioned above and throughout the present specification are hereby incorporated herein by reference.