The present invention relates generally to security apparatus for information processing systems and more particularly to the implementation of a secure microprocessor with reduced vulnerability to a security breach. The invention is particularly applicable to the secure transmission of scrambled television signals, although it is by no means limited to such use.
There are many schemes available for controlling the remote descrambling of television signals. Such schemes are necessary to maintain security in subscription television systems, including cable television systems and satellite television systems. Typically, a system subscriber is provided with a descrambler connected between a television signal source (e.g., cable feed or satellite receiver) and a television set. Each subscriber's descrambler is remotely accessed by the system operator to enable or disable the receipt of specific services such as the Home Box Office movie channel or special pay-per-view sports events. One problem with such systems is that "pirates" are apt to break the system security and sell "black boxes" that enable the reception of all programming without paying for the services received. It has been difficult and expensive for system operators to contend with the piracy problem. Once a particular security system is breached, the system operator must usually replace all existing descramblers with new units that operate with a different security algorithm. In order to avoid this costly necessity, it is desirable to improve the security of such systems to make them less vulnerable to a successful attack.
In the past, access to the clock of a secure microprocessor has often been used by pirates to modify the operation of the processor, such as by high speed pulsing. The ability of a pirate to observe such clock signals is critical in mounting a successful attack to the system security. However, such observation is nearly useless if the observation does not allow prediction of the clock signal in the future. It would therefore be advantageous to preclude the observation of a clock signal. It would be further advantageous to render the observation of a portion of a clock signal useless for predicting the future operation thereof.
The present invention provides the above-mentioned advantages through a scheme in which a secure microprocessor clock is modulated in a substantially random fashion which eliminates the ability to predict the clock even if it is observable. The term "substantially random" is used because complete randomness may be difficult to achieve in a practical system. For purposes of the following disclosure and claims, the terms "random," "substantially random" and pseudorandom are meant to be synonymous and are intended to include a completely random event or an event that exhibits a sufficient degree of randomness (e.g., almost completely random) to achieve the intended result taking practical considerations, such as cost and reliability, into account. Thus, the use of the term "random" hereinafter is not meant to imply complete randomness. The term "substantially unpredictable" is meant to comprise as high a level of unpredictability as is possible using a substantially random input, and the use of the term "unpredictable" alone is intended to encompass the concept of substantially unpredictable.