Communication networks are often the medium through which digital content distributors distribute protected content from digital content distribution facilities. Content distribution services employ a wide variety of security measures in order to prevent the unauthorized use or reproduction of protected content. A conditional access system (CAS) architecture is one type of security measure.
A CAS architecture is a technology scheme which utilizes encryption technology which may include delivering messages including different types of encryption keys to client devices. In the CAS architecture, keys may be used for various encryption and decryption tasks at, for example, a headend of a cable TV distribution network and at the client devices. A CAS architecture generally calls for a client device to have current encryption keys as a pre-requisite for enabling the client device to decrypt or unlock digital content delivered to it which has been protected during delivery through encryption.
In many CAS architectures, typically multiple keys may be needed to decrypt content. However, it is often not easy to deliver all the keys to the client devices. In some instances, the client devices may not be connected to the network, such as for portable client devices. In other instances, the client devices may be turned off and thus are unable to receive the keys. As a result, a user may be unable to access encrypted content in a timely manner.
For some types of encryption keys, depending on the CAS architecture adopted by the distributor, new keys are sent to client devices to replace previously distributed keys used for a period of time at the client devices in the CAS architecture. The content distributors operating the headend send the new keys on a regular basis to better protect their digital content. This replacement practice is based on the assumption that a previously utilized and/or distributed key for encryption/decryption may be expired or compromised.
The value and variety of digital content provided to client devices has grown enormously in recent years. Some types of highly popular content are known to attract scofflaws with an enhanced technical skill set which they often use in seeking to obtain unauthorized access to protected content. There are also a growing number of content sources. Also, highly popular and specialized varieties of digital content often mandate that new keys be delivered and installed at the client devices. The installation generally needs to be completed before the client devices may decrypt, access and/or display digital content which has been delivered to the client devices in an encrypted state.
To address these systematic demands for greater protection, digital content distributors are seeking to provide and replace certain types of keys with a high frequency and at irregular intervals. Some distributors have attempted to address these needs by repeatedly sending messages with the new keys to the client devices in wide distribution broadcasts. These repeated messages are also sent at accelerated rates of distribution, with shorter intervening time intervals between the repeated transmission, of similar messages carrying identical new keys to the same target population of client devices. In essence, these efforts are brute force attempts to ensure that any expiring keys at the client devices are replaced with new keys before the old ones expire.
These practices are wasteful of the available bandwidth on the communications networks which could otherwise be used for providing content, messages or other information to the client devices. Also, brute force distribution practices may not adequately ensure that the appropriate new keys are successfully and timely received at the targeted client devices.
In the case of mobile (i.e., portable) client devices, especially those which rely on wireless communication networks and battery power, the costs associated with repeated and widely broadcasted messages are especially high. This is partly due to the unpredictability of the mobile devices to having access to a communications network. Lack of service often occurs when mobile devices are located in a poor reception area. Also, communications network access for the mobile client devices can also be inhibited or lost due to their reliance upon powering down when not in use in order to preserve their limited battery life.