A digital domestic network is a set of audio-video device linked by digital interfaces. These device include for example digital decoders, digital televisions, DVD players/recorders, storage device equipped with hard disks, MP3 audio recorders, electronic books, games consoles, computers or other platforms allowing Internet access.
Digital technology offers the possibility of producing copies of the contents (cinema, music, videos games, software . . . ) that are of the same quality as the original. These perfect copies imply disastrous consequences for the industry regarding the copyright if an efficient protection method is not available.
The original contents arrive in house by different sources: it can be transmitted by radio channel, by satellite or cable, through the Internet, or it can be recorded onto a digital cassette, a DVD or onto a hard disk. Before supplying their contents to distributors, the rights' holders specify certain access conditions relating to the protection of the contents that must be put into force by an in house content protection system.
The content can, for example, be associated with rights such as: “Read only”, “copy for private use ”, “Free copy”.
A digital content protection system allows content owners and distributors to fight against revenue loss due to piracy. It is based on the use of security modules that allow the identification of each device connected to the domestic network and the decryption of the data.
The advantage of such a system is that the content is always conserved encrypted in the digital domestic network until reading. Decryption is carried out in collaboration with the removable security module inserted into the reading device. This simple method offers security means complete with encryption.
Such a protection system is qualified as “end to end”, that is to say from the entrance of the content onto the digital domestic network until its use, via its eventual storage.
With this system, the content suppliers can easily choose rights for the encrypted data users that will be applied to the domestic network.
The possibility of duplicating and managing digital content inside the network is thus offered to the user in the framework of the rights defined by content suppliers. It allows the user to share the content stored on any stand alone or portable connected digital device, while preventing the redistribution of this content outside the domestic network.
The system creates a secure environment: allowing the recording of the encrypted content, but prohibiting the reading of illegitimate contents. Illegitimate content is a copy not authorized by the holder of the ownership rights. For example, a disk copied from an original on a device belonging to a network A cannot be read by a device connected to a network B.
All restricted access content is linked to a given domestic network and, therefore, can be used only on that same network. The identity of the network is assured by security modules that, due to the fact that they are removable, allow a certain amount of mobility.
However, a domestic network can also comprise movable external device connected to this network, for example a portable music player or a device in a car, as well as device in a second residence that belongs to the owner of the initial network. In other words, the contents are protected by the same key when the external devices have been connected to the reference network at least once. It is thus unnecessary to have a permanent connection. All these devices share a private domestic network key, on which the content is available for private use, but only according to the ownership rights.
The protection system whose principles are mentioned above is described in the Thomson Multimedia Ltd document: “SmartRight”™, A Content Protection System for Digital Home Networks, White Paper” published in October 2001.
According to a particular configuration, the entry point of a digital domestic network comprises of a decoder (“Set-Top-Box”) that receives an encrypted data stream from a satellite, a cable, by the Internet. This decoder is provided with a security module in general in the form of a chip card called a converter module. The role of this card consists of managing the conditions defined by the access control of the conditional access supplier to decrypt the control messages (ECM) containing the control-words (CW) allowing the deciphering of the contents if the rights are present in this module. In the affirmative, this module re-encrypts the control-words (CW) thanks to a session key randomly generated by the module. This module adds to the control-words (CW) the session key encrypted by the network key to form local control messages (LECM).
According to a second possibility, the entry point is a data reader such as a DVD reader. The data are stored in an encrypted configuration and a module in the reader is able to decrypt these data. Once decrypted, they are re-encrypted according to the local connected network and broadcasted in this network. According to the operating mode, it is possible not to decrypt the data but to process only the encryption key(s). In fact, a known method consists to encrypt the data with one or more session keys (randomly determined) and to encrypt these keys with a key fitted to the system and known by the DVD reader. This reader decrypts the whole key set and re-encrypts this set thanks to the local key. The data themselves are not processed and remain in their original configuration. In this realization, the converter module is the module including the means for decrypting the set of keys and encrypting them for the local network.
In both above described cases, one will talk about broadcasting device because its main function is to broadcast data in a local network.
The network key is a key belonging to a given network. It is generated in the network by means of a security module called a terminal module linked to the first content visualization device connected to the network. This module is the only one capable of initializing the network. An additional terminal module then receives the network key from the first device. This terminal module is in general a chip card or it can be a circuit mounted directly in the processing device.
On the other hand, the network key is not known by the converter module so as to avoid gathering together all the secrets, which would constitute an excellent attack target for pirates. Therefore, a secure communication mechanism must be put in place between a terminal module and the converter module so that the latter can insert the session key encrypted by the network key in the control messages (LECM) that it generates.
For this purpose, the terminal module exchanges with the converter module a public key known by the terminal module and a session key randomly generated by the converter module. The terminal module transmits its public key to the converter module that returns the encrypted session key with the public key. The terminal module then decrypts the session key, then retransmits this encrypted session key with the network key to the converter module.
The converter module encrypts on one hand the control-words (CW) using the session key and on the other hand, it joins the encrypted session key with the network key (coming from one of the terminal modules) to form the local control messages (LECM). These messages (LECM) are then transmitted with the encrypted contents using different network device for storage or visualization.
Each terminal device connected to the network can thus decrypt the messages (LECM) and extract the control-words (CW) because it has the network key and receives the session key encrypted by the network key. It is able than, using these control-words (CW), to decrypt the data stream. These devices are called processing device.
This setting up method of a network key contained in a terminal module presents a drawback due to the fact that it is technically possible to initialize a multitude of domestic networks by means of a fake terminal module. In fact, in the known protection system, the network key is not contained as such in the converter module, but only in the form of a session key encrypted by the network key. The unauthorized networks established in this way can thus all possess the same key and therefore, the content stored in the devices can be redistributed and exploited outside the limited number of members such as those defined in the standards for a domestic network.
Furthermore, a predefined network key not recognized by the content supplier can be introduced onto a terminal module allowing the creation of a network whose content ownership is no longer directed by the holder.