The present invention relates generally to the fields of security and cryptography. Methods and apparatus for the generation of a random cryptographic one way function (i.e. a keystream) for use in encrypting or decrypting binary data are provided. Binary data may comprise digitized video or audio, as well as Internet Protocol or other pure data services. Although the invention has particular applicability in controlling access to premium services in cable and satellite television systems, it is also applicable to the protection of other information which is communicated in electronic form.
More particularly, the present invention provides a non-linear keystream generation algorithm using multiple feedback shift registers. The feedback shift registers may be constructed utilizing an advanced mathematical construct called an extended Galois Field GF(2m). The keystream is generated as a non-linear function of the outputs of the multiple feedback shift registers, which may be a combination of static feedback shift registers and dynamic feedback shift registers. Dense primitive polynomials with many coefficients may be used to produce a cryptographically robust keystream for use as an encryption or decryption key.
One way that binary data may be scrambled (encrypted) is by processing the binary data with a keystream (cryptographic key) to produce ciphertext (encrypted data). Keystreams are based on a sequence of bits that can be generated by pseudorandom sequences. The ciphertext can then be decrypted using an identical keystream. Data content owners want technology used in copy protection key derivation to be unique and difficult to duplicate. To achieve this end, binary data can be processed through a hash function by using that data as the input to a cryptographic One Way Hash Function, and by using the output of that Function as an encryption key for other binary data.
Commonly assigned U.S. Pat. No. 4,860,353 describes a dynamic feedback arrangement scrambling technique (DFAST) keystream generator. DFAST utilizes a dynamic feedback shift register, the structure of which is varied by a polynomial code signal. The polynomial code signal is varied in accordance with the content of data bits shifted from a predetermined register stage of the feedback shift register.
It would be advantageous to provide for generating a keystream having enhanced cryptographic and ease-of- implementation features as compared to those provided by DFAST and other prior art keystream generators.
It would be further advantageous to provide for keystream generation utilizing multiple feedback shift registers constructed using an extended Galois Field GF (2m). Extended Galois Field mathematics is well-suited to implementation in software systems. It would be still further advatageous to provide for keystream generation where the structure of the feedback shift registers are also varied by a polynomial code signal. It would be even further advantageous to provide for keystream generation using several randomization (e.g., permutation) stages to combine data bits from predetermined register stages of the feedback shift registers in a non-linear manner.
The present invention provides the foregoing and other advantages. More specifically, the present invention provides for an extension and improvement of the DFAST technology described in commonly assigned U.S. Pat. No. 4,860,353. An improved dynamic feedback arrangement scrambling technique in accordance with the invention (sometimes designated herein as “DFAST2”), provides a keystream with enhanced cryptographic and ease-of-implementation features as compared to DFAST. The present invention is suitable for use with a cable television system or hosts with point of deployment (POD) capability. The present invention is particulary suited for use with OpenCable™ set top boxes and PODs developed by Cable Televison Laboratories, Inc. (CableLabs™) of Colorado, USA, and is incorporated into the January 2000 POD Copy Protection Standard.