This invention relates to the area of secure packet-based broadcasting, multicasting or unicasting of content data and more particularly to the area of encryption of data encoded in packets. It also addresses the area of transferring encryption keys, entitlement information and information specifying how to retrieve keys and entitlement information, from the broadcast/multicast head-end to the users of the content.
It concerns substantially a method for processing packets with encrypted data received by a client from a head-end connected to the client through at least one network, wherein the data packets comprise at least an encryption header and an encrypted payload.
The invention also relates to a system for secure packet-based transfer of content data, comprising a head-end, that is connected to a network and comprises a receiver for receiving clear data packets from a source, an encryption unit for encrypting at least part of the data packets, and generating data packets comprising the encrypted part of the clear data packets and a network interface for sending the data packets through the network, which system further comprises at least one client connected to the network with a network interface for receiving data packets sent through the network, capable of composing data packets from data packet fragments.
The invention also relates to a method for secure packet-based transmission of content data from a head-end to at least one client, through at least one network to which the head-end and the client are connected.
Encrypting and broadcasting content is known from the field of television broadcasting. With the advent of the Internet, a start has been made with broadcasting content through this medium, using the standard protocols defined for the Internet. Content sent over the Internet must also to be encrypted to avoid illegal viewing. The receivers of the content (clients) are typically PC's, performing multiple tasks. It is important that the encryption process does not impact the performance of the client PC too much. It is also very important that the decryption mechanism is independent of network cards and applications. If this can be achieved it will provide significant cost saving for the provider of the decryption system. The application only has to be ported to new operating systems and can then be used on any configuration of network interface hardware and data processing software with any multicast or unicast application.
To be able to decrypt the encrypted information, the encryption keys have to be sent to the client (receiver and viewer of the content). To be able to determine whether a client is entitled to use or view the content the access conditions of the content have to be sent to the client. In the television broadcast environment, this information is sent as part of the content utilising a special type of message, the Entitlement Control Message (ECM). Such a message contains the encryption keys and the access conditions of the program.
In addition to the ECM, Entitlement Management Messages (EMMs) also have to be sent to the clients. An EMM is a message setting the access profile of a viewer, in other words, authorising a client to de-scramble a particular service.
To obtain a system and methods of the above-discussed kind that are independent of the configuration of the client, the invention provides a method of the above-mentioned type for processing packets with encrypted data received by a client comprising:                extracting the encryption header from a data packet;        extracting and decrypting the encrypted payload to form clear data;        generating a clear data packet header; and        generating a clear data packet fragment comprising the clear data packet header and the clear data.        
By generating a clear data packet fragment comprising the clear data packet header and the clear data, the decryption process becomes transparent to the applications that use the clear data. They do not have to be adapted to the encryption format, and decryption is independent of the operating system and the applications that use the data.
In a preferred embodiment of the invention, the method further comprises providing the clear data packet fragment as input to a network protocol stack on the client that is capable of buffering clear data packet fragments and assembling them into a clear data packet. This allows for speedy decryption and sparing use of resources on the client, since a clear data packet fragment can be passed to the stack directly after decryption, without any prior buffering.
In a preferred embodiment, wherein the encryption header of the packet with encrypted data comprises information allowing assembly in the stack of a clear data packet from related clear data packet fragments, the method further comprises extracting the information from the encryption header and including it with the clear data packet fragment.
This makes the decryption process completely transparent to the stack and the applications using the clear data packets after they have been processed in the stack. Decryption is independent of the particular implementation of the network protocol stack, since no extra information has to be passed to the stack besides the information already comprised in the clear data packet fragments, which is compliant with existing standards.
The invention further provides a method of the above-mentioned type for secure packet-based transmission of content data from a head-end to at least one client, comprising:                retrieving a clear data packet comprising an unencrypted payload;        dividing the unencrypted payload into one or more fragments;        applying an encryption algorithm to each fragment to generate encrypted fragments;        generating an encryption header for each encrypted fragment;        composing a packet with encrypted data for each encrypted fragment, comprising the fragment, the encryption header and a data packet header for the fragment; and        transmitting each of the thus composed packets to the client.        
Thus, because the unencrypted payload is divided into fragments and an encrypted data packet is generated for each fragment, a client receiving the encrypted data packet will not have to use a buffer to collect the entire encrypted payload before starting to decrypt the encrypted data. Instead, it can decrypt each fragment as it arrives, which demands less of the resources available at the client and speeds up the decryption process.
In a preferred embodiment, the encryption header for at least one fragment is provided with information regarding the length of the clear data packet and information regarding a checksum of the unencrypted payload, to allow re-assembly of the clear data packet at the client.
From this information, a new header can be composed at the client, before all the fragments comprising the encrypted payload have arrived. The fragment comprising this new header can immediately be passed on to the standard software for re-assembling fragments of a clear data packet, thus eliminating the need for any special software to perform this task for the packets with encrypted data in the protocol stack.
Speedy decryption and a low demand on client resources are also inherent advantages of the system of the above-mentioned type according to the invention, wherein the client comprises a decryption unit for generating clear data by decrypting encrypted data comprised in the received data packets and for generating data packet fragments from the clear data. Since the client is capable of composing data packets from data packet fragments, the data packet fragments can directly be assembled into normal clear data packets after decryption.