Many digital content distribution systems use conditional access (CA), which requires the receiver to meet certain criteria before being able to decrypt and display a given content item, such as a video program or broadcast channel. The content is encrypted using a secret key, referred to as a control word (CW). (This sort of encryption is commonly referred to as “scrambling.”) The CW itself is encrypted by entitlement control messages (ECMs), which are transmitted from the system head-end to receivers of the content item. The CA subsystem (such as a secure smart card) in each receiver decrypts the ECM to recover the CW for a given content channel, but only when the receiver is authorized to do so by an entitlement management message (EMM) for the given channel. EMMs are typically transmitted periodically (for example, once per month) to the CA subsystem, depending on the subscriber's service plan.
In secret sharing schemes, a secret (such as a cryptographic key) is shared among a group of participants, each of whom is allocated a share of the secret. The secret can be reconstructed only when a sufficient number of secret-shares are combined together, while individual shares are of no use on their own. A method for secret sharing based on polynomials, for example, was described by Shamir in “How to Share a Secret,” Communications of the ACM 22:11 (1979), pages 612-613.