1. Field of the Invention
The invention relates generally to portable security modules adapted to descramble scrambled audiovisual information.
2. Background Art
Transmission of encrypted data is well-known in the field of pay TV systems, where scrambled audiovisual information is usually broadcast by terrestrial emitters, satellite or through a cable network to a number of subscribers, each subscriber possessing a decoder or receiver/decoder capable of descrambling the scrambled audiovisual information for subsequent viewing.
In a typical system, the scrambled audiovisual information may be descrambled using a control word. In order to try to improve the security of the system, the control word, is usually changed every ten seconds or so. Every 10 seconds, each subscriber receives, in an ECM (Entitlement Control Message), the control word necessary to descramble the scrambled audiovisual information so as to permit viewing of the transmission.
The control word itself is encrypted by an exploitation key and transmitted in encrypted form in the ECM. The scrambled audiovisual information and the encrypted control word are received by a decoder, which in the case of a paid-up subscriber, has access to the exploitation key stored on a portable security module, e.g., a smart card, inserted in the decoder. The encrypted control word is decrypted using the exploitation key by the smartcard. The smartcard transmits the control word to the decoder. The scrambled audiovisual information is descrambled using the decrypted control word by the decoder. The decoder is indeed powerful enough to provide a real-time descrambling of the scrambled audiovisual information.
The exploitation key is itself periodically changed, e.g. every month or so. An EMM (Entitlement Management Message) is monthly received by the decoder and is transmitted in the smartcard. The EMM contains the exploitation key in an encoded form. A group key assigned to the smartcard enables to decode the encoded exploitation key.
The decoder hence regularly sends command messages to the smartcard.
The command message may be an ECM, i.e. the decoder transmits to the smartcard a control word in an encrypted form. The smartcard decrypts the control word using the exploitation key. The transmitting of the control word typically occurs every 10 seconds.
If a viewer person zaps from a first channel to a second channel, the decoder transmits to the smartcard a second control word in an encrypted form after a transmitting of a first control word in an encrypted form. The first control word and the second control word respectively correspond to the first channel and to the second channel. The smartcard may hence receive Entitlement Control Messages more frequently than every 10 seconds due to the zapping of channels.
The command message may also be an EMM, i.e. the decoder transmits to the smartcard an exploitation key in an encoded form, or any other command message from the decoder.
FIG. 1 schematically illustrates a smartcard according to prior art. The smartcard 11 is activated by a receiving of a message, e.g. an Entitlement Control Message ECMn from a decoder (not represented): the decoder acts as a master and the smartcard 11 as a slave. A processing unit 12 of the smartcard only executes the command messages received from the decoder. The smartcard 11 comprises a parameters memory, e.g. an EEPROM 13, into which parameters are stored. The processing unit 12 may check that the parameters stored into the EEPROM 13 are correct. The parameters may be for example a size of the Entitlement Control Messages to be received. The processing unit may check that the received Entitlement Control Message ECMn has a proper size before decrypting an encrypted control word contained in the received Entitlement Control Message ECMn.
A smartcard is generally intended to communicate with a single decoder. However, a fraudulous user may attempt to set up a server between a single smartcard and a plurality of decoders. The server may be a splitter that communicates with the plurality of decoders directly, e.g. via an electrical wire. The server may also be a Control Word server that communicates with the plurality of decoders via a network, e.g. an Internet network.
FIG. 2 schematically illustrates an example of a splitter configuration according to prior art.
A first decoder 24A continuously receives a first scrambled audiovisual information ECW1(m1) corresponding to a first channel. A second decoder 24B continuously receives a second scrambled audiovisual information ECW2(m2) corresponding to a second channel. The first decoder 24A and the second decoder 24B respectively allow to provide a real-time descrambling of the first scrambled audiovisual information ECW1(m1) and of the second scrambled audiovisual information ECW2(m2).
The first scrambled audiovisual information ECW1(m1) and the second scrambled audiovisual information ECW2(m2) are respectively descrambled using a first control word CW1 stored in a first memory 25A of the first decoder 24A and a second control word CW2 stored in a second memory 25B of the second decoder 24B.
At each cryptoperiod, i.e. every 10 seconds for example, the first decoder 24A and the second decoder 24B respectively receive a first Entitlement Control Message ECM1 and a second Entitlement Control Message ECM2.
In a splitter configuration, the first decoder 24A and the second decoder 24B respectively transmit the first Entitlement Control Message ECM1 and the second Entitlement Control Message ECM2 to a single server e.g. a splitter 22 during a single cryptoperiod.
The splitter 22 forwards one of the transmitted Entitlement Control Messages, e.g. ECM1, to a single portable security module, e.g. a smartcard 21. Using an exploitation key stored into a smartcard memory 26, the smartcard decrypts the corresponding control word, e.g. CW1, upon receiving of the forwarded Entitlement Control Message (ECM1). The corresponding control word CW1 is transmitted to the splitter 22. Once the splitter 22 receives the transmitted control word CW1, the splitter 22 forwards a distinct entitlement control message among the transmitted Entitlement Control Messages, e.g. ECM2, to the smartcard 21. The smartcard decrypts the corresponding control word, e.g. CW2, upon receiving of the forwarded Entitlement Control Message (ECM2). The corresponding control word CW2 is transmitted to the splitter 22.
The splitter 22 forwards the decrypted control words CW1 and CW2 respectively to the first decoder 24A and to the second decoder 24B.
The server allows a plurality of decoders to descramble scrambled audiovisual information with a single smartcard.
Summarizing, a paid-up subscriber generally possesses a single portable security module, e.g. a smartcard. However, a server as described for the setup of the fraudulous user, e.g. a splitter or a Control Word server, allows a plurality of decoders to descramble scrambled audiovisual information with a single smartcard. It is hence possible for the paid-up subscriber to provide an access to audiovisual information dedicated to the paid-up subscriber to one or more unauthorized users that do not possess any smartcard.
There is a need for a method allowing to discourage a use of a server in a splitter configuration. However, a regular paid-up subscriber possessing a decoder that communicates directly with a smartcard should not encounter problems.
A first method may consist in implementing a slowing software into smartcards, wherein the slowing software allows to slow down a processing of each smartcard. The smartcards may hence not be able to decrypt more than one control word during a cryptoperiod, e.g. 10 seconds.
A second method may consist in emitting Entitlement Control Messages at shorter cryptoperiods, e.g. every 3 seconds.
Both the first method and the second method allow to restrict processing to a single ECM per cryptoperiod. As a consequence the server will generally fail to synchronize communications between a plurality of decoders and a single smartcard. Only a single decoder may function correctly with the single smartcard.
However, if a regular paid-up subscriber possessing a single decoder zaps from one channel to an other channel at a relatively high zapping rate, the smartcard may also fail to decrypt a plurality of received ECM per cryptoperiod. The regular paid-up subscriber may hence be prevented from zapping between various offered audiovisual information. Typically, a screen of the regular paid-up subscriber may turn blank at a zapping action even if the subscriber is a regular paid-up subscriber.