Most video programs (referred to as an “asset”, “video asset”, “video content”, “digital video asset”) such as movies, are distributed in digital form from a source or distributor (“Originator”) to a service provider (“Destination”) where the service provider makes the program available to its subscribers. In one embodiment, a program producer provides a digital asset to a cable service provider, which in turn, streams the program to viewers on a cable network based on a schedule or as requested. In one embodiment, the program producer (such as HBO®) uploads the digital asset program to a geosynchronous satellite, which relays the signal to various earth stations operated by the cable service provider. Once received by the cable service provider, it may be stored in a memory system (such as disk drives) and further distributed internally to various cable systems. Typically, a number of cable service providers are receiving the satellite signals across the country
While the digital asset is usually based on a standard digital video transmission format (typically, but not limited to, one of the MPEG standards), the asset is usually encrypted before transmission. Encryption is necessary because some of the transmission or program distribution mechanisms can be readily accessed or compromised by unauthorized users. Specifically, satellite transmissions can be readily received by anyone in the broadcast ‘footprint’ of the electromagnetic waves. Other mechanisms, such as cable or optical fiber transmission, can be easily tapped. Further, even if the signals themselves are not monitored during transmission, the information stored in various storage systems can be copied or accessed in various ways.
There is a tremendous value in obtaining an illegal copy of a readily viewable (e.g., non-encrypted), recently released movie. Consequently, there is a financial incentive for encrypting programs. Experience has shown that “pirated videos” (unauthorized copies) can be rapidly distributed and can be great value to those engaged in such illegal activity. Further, the ease in copying and transmitting digital files necessitates an additional level of security to prevent authorized decrypted copies from being made and distributed. The security provided by encrypting the video content must not only to anticipate unauthorized individuals attempting to obtain illegal copies, but must to anticipate also the possibility of employees of the distributors and/or cable service providers attempting to make an illegal copies of the video assets. Specifically, the security mechanism should not allow ready access to the decryption keys which would allow the video programs to be decrypted files.
Encryption of a digital video file requires the recipient to possess the corresponding decryption information, which can be broadly termed as the “decryption key.” Because the same key can be used to encrypt as well as decrypt, an “encryption key” is using the key to encrypt information, and a “decryption key” is using the key to decrypt information. Thus, “decryption key” is often used in the context of the Destination system (which decrypts the program) and “encryption key” is used in the context of the Originator. In prior art systems, the program originator would provide the recipient (a cable service provider) with the encrypted video file by one communication channel and the decryption key by a separate communication channel. However, these two pieces of information may be stored on the same computer system at the Originator or Destination systems. In some instances the Destination (or Originator) system would store the encrypted file and the key on two different systems. Thus, even if an unauthorized user were able to obtain a copy of the encrypted video program (only), viewing would not be readily possible without the decryption key. While it may be possible to decrypt the encrypted video program without the decryption key (e.g., using a trial-and-error approach), this requires such significant computer power that such scenarios are not addressed herein.
However, because the decryption key and the encrypted file may be stored in the same file system (or in two systems within the control of the Destination or Originating system), such security schemes are vulnerable to technical personnel (such as a system administrator) having knowledge of where the associated decryption key is stored (e.g., the system administrator). Alternatively, because many of these processing systems are connected to the Internet or other networks, hackers accessing the file store of such systems could find and copy the encrypted video file and the decryption key, and thus readily obtain a decrypted copy of the video program.
There are various prior art encryption methods used that could be adapted, and these may rely on a public-private key combination, require a central key server, or require a central key escrow. These schemes complicate the management of keys when there is a security compromise, or are otherwise vulnerable to Internet viruses, hackers, or other security attacks. Further, when there is the possibility of multiple Destination systems all requiring a decryption key, the logistics of key management can become complicated.
Consequently, systems and methods are needed for an ultra-secure encryption scheme for distributing digital video assets.