It thus relates notably to the field of digital television. The digital television environment includes the broadcast or streaming of different sorts of data like audiovisual contents (typically MPEG audio/video), interactive contents, triggers, Program Specific Information (specific information about the sent programs, in brief “PSI”), Service Information (complementary information enabling a receiver to automatically configure and a user to browse in the services by means of an EPG—Electronic Program Guide, in brief “SI”), Private Data, Signaling and so on. The information related to origins, destinations and structuring of the contents (namely PSI, SI, and some private data) are usually integrated in the signaling.
These various data are usually distributed over MPEG-2 transport streams, which consist of audiovisual streams transported in PES (Packetized Elementary Streams) and of other information (signaling, PSI, SI, interactive content . . . ) transported in MPEG-2 sections. Some digital broadcast networks and broadband networks are more or less vulnerable to spoofing. Technically well equipped pirates can intercept data, modify them and rebroadcast (or re-stream) those data in the network. Terrestrial and microwave broadcast networks are more vulnerable than satellite or cable networks. The problem is thus to securitize digital data transmission over MPEG-2 networks.
In fact, some data items listed like audiovisual content, PSI and SI are pure broadcast content, so that their piracy is annoying for the user, but at least has not a financial impact for him. However interactive terminals with a return channel can run t-commerce (television commerce) or home banking applications. Spoofing of such applications is then not only very annoying for the user, but can also cost him a lot of money.
The authentication of data contents is already well known. Notably, document WO-99/49614 describes a method of authentication of data sent in a digital stream, in which the data are organized into a hierarchy of at least one root directory unit, subdirectory unit and file unit. The data in a file are signed and an associated file authentication value is stored in the referring subdirectory unit. This file authentication value is in turn signed and an associated subdirectory authentication value is stored in the referring root directory. Other aspects of this disclosure relate to the authentication of a second root directory by generation of a second authentication value, and to the authentication of data before encapsulation in tables or sections of a transport stream.
Also, document WO-99/62248 discloses a method implemented in an interactive television system, for managing modules of interactive television applications. This system transmits modules from a broadcast station to a plurality of receiving stations, and the receiving stations have module managers that store module requests and monitor the various channels for modules corresponding to the requests. In detailed embodiments, an application to be transmitted consists of a series of modules, one of which is a directory module. The latter contains an entry for each of the modules in the application, and enough information to allow the receiving stations to access all the modules of the application. Further, an authentication mechanism may be applied in the receiving stations for ensuring that the currently downloaded carousels and/or modules are authentic.
Further interactive systems like the DVB Multimedia Home Platform specify how to authenticate broadcast applications and they specify how to protect data contents that are transferred over a return channel. However, fraudulent operations still remain possible, since it is possible to alter the signaling in an appropriate way so as to cancel, replace or add contents without any apparent discrepancy. It would then be tempting to provide for an authentication not only of the contents, but also of the signaling itself, as is done notably for streams built according to the ATVEF (for Advanced Television Enhancement Forum) standard.
However, such a method causes specific difficulties for DVB digital streams, because streams are commonly re-multiplexed in network head-ends. Then, PIDs (Packet IDentifiers) or even the contents of tables like PMTs (for Program Map Tables, one table per program indicating the PIDs of the PES constituting that program, possibly in addition to private information related to that program) risk to be modified due to network requirements. This would mean calculating again all hash codes and signatures, what would involve giving to each multiplexer a private key to compute an appropriate signature. Now, the cost for providing each multiplexer with a certified key pair would be huge. That situation has discouraged skilled persons to develop such a signaling authentication strategy.