The use of encrypted data for the protection of information is very widespread, notably in the transfer of data such as, for example, in the field of video-graphics data.
A video stream decoding box, such as television decoder, is an electronic unit performing the recovery of encrypted and/or compressed signals with a view to a display them on a television screen. The electronic unit carries out the required decoding, in other words, at least the decrypting and the decompression of the received data, so that the image may be transmitted to the receiving terminal, for example, a television set.
The external signal entering the electronic unit may come from a satellite antenna, from a telephone line, from an optical fiber, from an Ethernet cable, or even from a digital memory stick.
An electronic decoding unit may also be used for processing of data other than video data.
In an electronic decoding unit, four areas may be defined whose required level of security is different. A first area corresponds to the processing of the data prior to its decryption. In this first non-protected area, no particular security is required given that the data is always encrypted, and that the security of the content of the data is ensured by its encryption.
A second very protected area corresponds to the processing of the data once it has been decrypted, but not yet decompressed. This second area may require a very high degree of security because the data has been decrypted, and hence is readable by anyone, and still compressed, which means that it is very easily and very quickly transferable to an external pirate unit for example.
A third protected area corresponds to the processing of the encrypted data after the decompression of this data. This third area may require less stringent security than the second area because, although the data has been decrypted and hence readable by any external system, the data has been decompressed and hence is very voluminous. The transfer of decompressed data to an external unit is much longer, and often prohibitive when the decompressed data is very large.
In the case where the data is to be re-transmitted to an external system, it is possible to re-encrypt the data. In this fourth non-protected area, no additional security may be required given that the data is encrypted.
To prevent the possible pirating of critical data, the critical data corresponding to the non-decompressed decrypted data, the electronic processing units for the data desirably provide an optimal security in the second processing area.
In the prior art, a system is known comprising two separate physical memory areas and a data processing method using one memory area for the non-protected data, and the other memory area for the critical data coming from the decrypting of this data. Such a system may comprise an access authorization filter configured during the design of the system and being non-modifiable.
Such a method has the drawback of blocking a given entire non-modifiable memory space for the processing of the protected data. The consequence of this is that, when the system receives no protected data or very little protected data, only half of the memory physically available within the system is used. Such a system may require the size of the memories used to be doubled and, as a result, the physical size of the electronic units for processing a large data stream to be increased.