Field
This disclosure relates to receiving audio/video content.
Description of Related Art
The “background” description provided herein is for the purpose of generally presenting the context of the disclosure. Work of the presently named inventors, to the extent it is described in this background section, as well as aspects of the description which may not otherwise qualify as prior art at the time of filing, are neither expressly or impliedly admitted as prior art against the present disclosure.
As background technology, the DVB Common Interface (“CI”) specification allowed a television receiver or set top box (a “host”) to interact with a secure hardware module (a conditional access module or “CAM”) to allow the host to decrypt access-controlled content. The CI specification defines an interface between the host and the CAM, so that the two will work together if both conform to the CI specification. This interoperability provided a significant benefit of the CI system, as, in principle, it allowed consumers a choice of compatible products from different manufacturers.
In the CI specification the CAM interacts with a smart card and/or a user's personal identification number (“PIN”) to provide user authentication.
However, a disadvantage of the original CI specification is that it gave the potential for the decrypted digital content to be copied. This problem arises from the way in which the host and CAM interact. In use, the host sends encrypted data to the CAM. The CAM checks the user authentication and, assuming that the user is authenticated, it decrypts the access-controlled content. The CAM then sends the decrypted content back to the host over the CAM-host interface, which is generally a PCMCIA (Personal Computer Memory Card International Association) interface, though it is not limited to this interface—for example, a USB interface could be used. This connection from the CAM to the host represents a security weakness, in that the decrypted digital content can in principle be intercepted and unlawfully copied. This security weakness meant that some content providers preferred integrated devices, which have the host and CAM as a single unit, because this allowed them better security over the transfer of unencrypted data from the CAM to the host. However, this of course acted against the advantage associated with CI, relating to the potential interoperability of different CAMs and hosts.
The CI Plus specification was drafted to address these problems, by two main routes. CI Plus provides a secure interface between the CAM and the host, so that decrypted content data is not sent in clear form between the two devices. Also, CI Plus provides for the authentication of both the host and the CAM, rather than the CI technique of authenticating only the CAM.
The authentication system uses certificate hierarchy so that the host and the CAM must both have been issued certificates by an authority (such as CI Plus LLP).
The PCMCIA interface between a host and a CAM is protected by encrypting the decrypted content data before it is sent from the CAM to the host, and then decrypting it at the host. This encryption is separate to the access control encryption-decryption established by the content provider, and is specific to each particular CAM-host pair. Keys are exchanged between the CAM and host by the Diffie-Hellman key exchange technique. The keys are also cycled from time to time, so that even if a key was compromised, it would in any event be changed a few seconds later.
The CI Plus specification also allows CAMs to be connected in series, or daisychained.