As is well known, in order to be able to access encrypted data such as information, software, games, or to visualise a Pay-TV event, such as a film, a sports event or a game in particular, several streams are broadcast to a set of multimedia units made up of a decoder and of a security module. These streams are, in particular, on one hand the file of the event in the form of an encrypted data stream and on the other hand, a stream of control messages ECM allowing the decryption of the data stream. The content of the data stream is encrypted by “control words” (cw) that are regularly renewed. The second stream is called the ECM (Entitlement Control Message) stream and can be formed in particular in two different ways. According to a first method, the control words are encrypted by a key, called a transmission key TK, which generally pertains to the transmission system between the management centre and a security module associated with the receiver/decoder. The control word cw is obtained by decrypting the control messages ECM by means of the transmission key TK.
According to a second method, the ECM stream does not directly contain the encrypted control words, but rather contains information allowing the determination of the control words. This determination of the control words can be carried out by means of different operations, in particular by decryption, this decryption being able to provide the control word directly, which corresponds to the first method described above, but the decryption can also obtain a piece of data which contains the control word, the latter still having to be extracted from the data. In particular, the data can contain the control word as well as a value associated with the content to be broadcast, and in particular the access conditions to this content. Another operation allowing the determination of the control word can use for example a one-way hashing function of this piece of information in particular.
The security operations are generally carried out in the security module associated with the decoder. This type of security module can be produced in particular according to four different forms. One of these is a microprocessor card, a smart card, or more generally an electronic module (taking the form of a key, of a badge, . . . ). This type of module is generally removable and can be connected to the decoder. The form with electric contacts is the most widely used, but does not exclude a connection without contact, for example of the ISO 14443 type.
A second known form is that of an integrated circuit box, generally placed definitively and irremovably in the decoder. An alternative is made up of a circuit mounted on a base or connector such as a SIM module connector.
In a third form, the security module is integrated into an integrated circuit box also having another function, for example in a descrambling module of the decoder or in the microprocessor of the decoder.
In a fourth embodiment, the security module is not realised as a hardware, but its function is implemented only in software form. Given that in the four cases, the function is identical although the security level differs, we can talk about a security module regardless of the way in which its function is carried out or the form that this module may take.
During the decryption of a control message ECM, it is verified, in the security module, that the right or the key to access the concerned content is present. This right or this key can be managed by authorisation messages EMM (Entitlement Management Message) that load such a type of right or such a type of key into the security module. These authorisation messages can also contain software updates, corrective codes (patch), elements allowing the closing of a security breach or more generally, every information or element allowing the management of the security module or the associated decoder.
The diffusion of conditional access digital data is schematically divided into three modules. The first module is responsible for the encryption of the digital data by control words cw and the diffusion of this data.
The second module prepares the control messages ECM containing the control words cw, as well as the access conditions and diffuses them for the users.
The third module in turn prepares and transmits the authorisation messages EMM which are in particular responsible for defining the reception rights or transmitting the keys to the security modules connected to the receivers. These authorisation messages can also contain management elements of the multimedia unit.
While the two first modules are generally independent from the addressees, the third module manages the set of users and diffuses information to one user, a group of users or all the users.
In order to ensure that all the concerned users, or at least the majority of them have received the authorisation messages EMM which are intended for them, these messages are generally repeated numerous times in an identical way. These messages can be repeated cyclically according to a predefined frequency and during a time period depending on the importance of the message in particular.
Due to the repetition of the messages, ill-intentioned individuals can, by means of the analysis of several messages, obtain information that can be used to try to breach the security of the system. In particular, by analysing the number of messages received between two identical messages, it will be possible to deduce the number of messages contained in a cycle. The ill-intentioned individual can thus discover which quantity of messages must be analysed and which messages it is not necessary to analyse.
Furthermore, in certain present systems, it is possible to send back repeatedly the same message to a multimedia unit. The processing of this same message several times will also allow the deduction of useful data by a person attempting to break the security of the system.
The European Patent Application EP A 1 301 037 describes a process intended for the transmission of content in the encrypted form, in particular of Pay-TV content. According to this process, the content is encrypted with a first encryption key (S-key) before being sent. This first encryption key is itself encrypted with a second encryption key (key 2), then sent in the form of a control message ECM. The second encryption key is then encrypted with a key (key 1) specific to the concerned receiver, then superencrypted with a protection key (SSS). All of this is sent in a management message EMM. The protection key (SSS) is of a particular type. A content encrypted by such a key can be decrypted by several different keys. The knowledge of one of the keys allowing the decryption of the content however does not allow the deduction of another key. Likewise, the knowledge of one of the decryption keys does not allow the discovery of the encryption key or protection key.
In the process described in this document, the sending of the encrypted content and the control messages ECM is similar to the conventional prior art. The use of a protection key for the sending of management messages leads to a supplementary encryption level in relation to conventional systems. This superencryption does not allow, however, the concealing of the characteristics of a message sending cycle. In fact, it is sufficient for the validity duration of a protection key to be greater than the duration of a cycle to make it possible to locate the cyclical characteristic of message sending. In practice, when the protection key changes, it is necessary for the receivers to receive a corresponding decryption key. This change must be made sufficiently in advance so that each receiver disposes of the new key at the moment when the latter is used by the emitter. This generally takes longer than the message sending cycle of the management messages.
This invention intends to avoid the drawbacks of the processes of the prior art by carrying out a process in which it is impossible to obtain data relating to the working of the system from the analysis of the authorisation messages received by a multimedia unit.