In a well-known method, in particular in the aforementioned field of Pay-TV, data is encrypted by a data supplier by means of encryption keys called control words. This data is transmitted to multimedia units of users or subscribers. Parallel to this, the control words are transmitted to these multimedia units in the form of a stream of control messages.
The multimedia units are generally made up of a processing unit that, in the case of Pay-TV, is a decoder receiving the aforementioned stream and of a security module responsible for the cryptographic operations related to the use of these streams.
As is well known to those skilled in the art, this type of security module can essentially be produced according to two distinct forms. One of these is a microprocessor card, a smart card, or more generally an electronic module (in the form of a key, of badge, . . . ). This type of module called SC is generally removable and can be connected to the decoder. The form with electrical contacts is the most widely used, however the use of a contact less connection is not excluded, for example of the ISO 14443 type. In this case, the security module process only the control messages and the control words determined by this module are sent back to the receiver for the decryption of the data (audio/video) stream.
In another embodiment, so called CAM, the data stream is passed to the CAM and the audio/video is decrypted within this module. This module is in charge of the security functions such as processing the control messages and the decryption of the data stream. For that purpose, the equivalent of the security module mentioned above is included into the CAM either as an electronic circuit or as a connectable security module.
For the clarity, these two forms will be named module SC-CAM in the description.
When the security module of the CAM has received the stream containing the control messages, they are decrypted and the expected rights contained in the messages are compared with the rights present in the security module.
In the case that the expected right (or rights) is present into the security module, the control word is passed to the descrambler in order to decrypt the audio/video data.
As is also known, each control word generally allows a small part of the data transmitted to be decrypted. Typically, one control word allows 10 seconds of a Pay-TV event to be decrypted. After this time duration, called a cryptoperiod, the control word is changed for security reasons.
When providing a module SC-CAM (such as a DVB-CI/CI+ CAM) to a consumer, a service provider may want to ensure that the module SC-CAM is not shared with friends or neighbours. A service provider in the context of the present invention therefore is responsible for managing access to conditional access digital content.
When used in host devices provided by the same service provider there are already protocols that allow checking that the right card or module is inserted in the right host device. These mechanisms are known as “pairing”.
Pairing is a known mechanism that consists in sharing a unique secret between two devices thus rendering the communication between these two devices inaccessible to all other devices, since only devices who share the secret are capable of participating in the communication.
This pairing is described in application EP1078524 and allows for communication to be ensured between a security module and a receiver thanks to the presence of a unique encryption key known only by these two elements.
In an environment that allows for such connection of a security module to several host apparatuses such a pairing is not possible, as it is too restrictive.
The document WO02/052515 describes a solution that puts into practice the pairing control by means of a management centre. The security module can be paired to any apparatus as long as the management centre gives authorisation. This solution supposes the existence of a channel that allows the management centre to send one or more messages to the security module.
German Patent Application Publication number 10204832 and International Patent Application Publication number 2006/100361 also both describe similar systems in which pairing between a receiver/decoder and a security module can be achieved.
On the other hand, some retail devices (e.g. a TV set) do not allow for such paring with a module. For such devices, there is therefore a necessity to provide a different means, provided outwith the receiver/decoder hardware itself, to allow for the desired pairing.