The present invention relates to a method and apparatus for transmission and recording of scrambled digital data, for example broadcast audio and/or visual data.
Transmission of scrambled or encrypted digital data is well-known in the field of pay. TV systems, where scrambled audiovisual information is broadcast e.g. by satellite to a number of subscribers, each subscriber possessing a decoder or receiver/decoder capable of descrambling the transmitted program for subsequent viewing.
In a typical conditional access system for pay TV, scrambled digital data is transmitted together with a control word for descrambling the digital data, the control word itself being encrypted by a first key and transmitted in encrypted form in an ECM message. The scrambled digital data and encrypted code word are received by a decoder possessing an equivalent of the first key necessary to decrypt the encrypted control word and thereafter descramble the transmitted data. Usually, the control word changes every 10-15 seconds. A paid-up subscriber will receive on a monthly basis an EMM message including the exploitation key necessary to decrypt the encrypted control words so as to permit viewing of the broadcast programs.
With the advent of digital technology, the quality of the transmitted data has increased many times over. A particular problem associated with digital quality data lies in its ease of reproduction. Where a descrambled program is passed via an analogue link (e.g. the xe2x80x9cPeritelxe2x80x9d link) for viewing and recording by a standard VCR the quality remains no greater than that associated with a standard analogue cassette recording. The risk that such a recording may be used as a master tape to make pirate copies is thus no greater than with a standard shop-bought analogue cassette.
By way of contrast, any descrambled digital data passed by a direct digital link to one of the new generation of digital recording devices (for example, a DVHS recorder) will be of the same quality as the originally transmitted program. It may thus be reproduced any number of times without any degradation of image or sound quality. There is therefore a considerable risk that the descrambled data will be used as a master recording to make pirate copies, either further digital copies or even simple analogue VHS copies.
PCT/US97/07981, which represents the closest prior art document, discloses a system of copyright control, in which authorisation messages are included with a broadcast program. A receiver/decoder makes a decision to record the program or not based on this message, the program usually being recorded in clear on the video cassette. The system operates in parallel with a conventional conditional access system and in all embodiments the transmitted scrambled program is descrambled in the decoder before being recorded.
EP 0763936 discloses another method of copyright control, again using a system of authorisation messages in parallel with a conventional access control system. In order to permit replaying of a scrambled recording after the end of a subscription month (and a subsequent change in exploitation key), the system stores that month""s EMM message in the smart card of the decoder. This may lead to significant information storage problems in the smart card.
It is an object of the present invention to enable a secure system for transmission and recordal of data permitting authorised recording of transmitted digital data, whilst minimising the risk of pirate copies of such recordings being made by unauthorised third parties and avoiding the problems with the known systems.
According to the present invention there is provided a system for transmission and recording of digital data, comprising a transmission means adapted to prepare and transmit at least one control word encrypted by a first key together with digital data scrambled by that control word characterised in further comprising a digital recording device adapted to receive and record the transmitted scrambled digital data together with the encrypted control word on a digital support, the digital recording device further including an access control unit adapted to decrypt the control word and thereafter descramble the digital data during playback.
In this way, the data in question will be recorded in the scrambled form in which it was transmitted directly on the digital support medium, and may only be accessed thereafter in conjunction with the recording device and associated access control unit, thereby providing a secure system for recordal whilst avoiding the problems with the known methods.
The access control unit may be permanently integrated in the recording device. However, in some embodiments it may be envisaged that the access control unit is incorporated in a discrete module, for example as a smart card on SIM card, insertable in the recording device to permit decryption and descrambling of the recorded data upon playback.
Whilst the recording device may include the means necessary to receive the transmitted digital data, the system may also comprise a separate receiver/decoder adapted to receive the transmitted digital data and encrypted code word and to communicate this information to the recording device for subsequent recordal.
In this embodiment, the receiver/decoder may be a standard type as known from the field of digital television broadcast and adapted to receive broadcast audio and/or visual data (scrambled and in clear) as well as data sent, for example, via a modem link to the receiver/decoder. The receiver/decoder may also be integrated with other devices such as digital television, DVHS recorder etc.
Broadly speaking, the system may function in two possible modes of operation; a cyclical transmission mode and a transmission on demand mode. In the case of a cyclical transmission mode, the transmission means is adapted to repetitively transmit the scrambled digital data and encrypted code word.
In such a mode, the control word for the data is preferably encrypted by a first key associated with the identity of the data being transmitted. For example, in the case where a number of pieces of music are being transmitted in a repeating cycle, the control word or words needed to descramble the data for each recording are encrypted by a key specific to that particular piece of music. The number of control words needed may depend on the length of the piece of music.
The equivalent of the key needed to decrypt the control word may be communicated to the access control means in a number of ways, for example, simply by transmission xe2x80x9cin clearxe2x80x9d over a telephone network or the like. Preferably, however, the first key is encrypted by a second key before communication to the access control unit.
In such an embodiment, the system may further comprise a key encryption apparatus adapted to encrypt the equivalent first key by a second key before communication to the recording device, the access control unit possessing an equivalent of the second key so as to permit the decryption of the first key and, thereafter, the decryption of the control word and subsequent descrambling of the transmitted data
The key encryption apparatus may be integrated with the transmission means and the associated circuitry for scrambling the transmission etc. However, it may equally be associated with a separate database and server containing a list of keys associated with each access control means and recording device.
In the case where the system comprises a receiver/decoder unit, the receiver/decoder unit may be adapted to request a first key from the key encryption apparatus, the key encryption apparatus thereafter transmitting the encrypted first key to the receiver/decoder for subsequent communication to the recording device and access control module.
For example, the key encryption apparatus may respond to a request received from the receiver/decoder via a modem channel by returning information on this channel. Alternatively, the information may be communicated to the transmission means for subsequent communication, for example, in a broadcast transmission.
The above cyclical transmission embodiments have been discussed in particular in relation to systems in which the key used to encrypt the control word is directly associated with the identity of the data e.g. the particular piece of music or audiovisual programme transmitted.
In an alternative embodiment, the same first key is used to encrypt the control word or words associated with a plurality of sets of data For example, all programmes or songs transmitted during a particular period of time, such as during a month""s subscription, may use the same first encryption key to encrypt control word data.
Similarly, whilst the first key is normally sent in response to a request from a user, in one embodiment the first key is repetitively transmitted by the transmission means in a message encrypted by a second key.
The verification that the user or subscriber has sufficient rights to receive and record, for example, a month""s worth of data may be handled upstream at the transmission. Only those subscribers having paid the necessary subscription will receive the key for that month, as encrypted by their personalised second key and sent by the transmission means.
In addition, in some embodiments, the access control module may further include a credit unit for controlling the number of recordings made by the recorder and/or the number of times a recording is replayed, for example, during a month""s worth of credit In this case, a number of credits may be communicated, for example, together with the first key information to the recorder device each month, each recording resulting in the reduction of a credit held by the recording device.
The above embodiments have been discussed in relation to a cyclical mode of transmission. In an alternative on-demand mode, the transmission means responds to a real-time request to transmit the scrambled digital data and encrypted control word.
Whilst being more complicated to manage in terms of the received requests, the on-demand embodiment may permit a simplification of the encryption process. In particular, in one embodiment, the control word is directly encrypted by a first key associated with the identity of the access control unit, the access control unit possessing an equivalent of this key to permit the decryption of the control word and subsequent descrambling of the data.
The real-time request may be communicated to the transmission means by a receiver/decoder connected to the recording device. Alternatively, a request may be made by telephone, minitel etc.
The transmission means may be adapted to transmit data to the recorder via any number of communication channels, for example, via a fixed telecommunications network. However, the invention is particularly applicable to broadcast transmission of primarily audiovisual or multimedia digital data, notably audio data. The present invention may also be used in conjunction with many types of digital recording devices.
In one preferred embodiment, the transmission means is adapted to transmit digital audio data In such an embodiment, the recording device may conveniently comprise a mini disc recorder adapted to include access control means as described above.
The present invention equally extends to a recording device for use in a system as described above and a method of transission and recording of scrambled data.
The terms xe2x80x9cscrambledxe2x80x9d and xe2x80x9cencryptedxe2x80x9d and xe2x80x9ccontrol wordxe2x80x9d and xe2x80x9ckeyxe2x80x9d have been used at various parts in the text for the purpose of clarity of language. However, it will be understood that no fundamental distinction is to be made between xe2x80x9cscrambled dataxe2x80x9d and xe2x80x9cencrypted dataxe2x80x9d or between a xe2x80x9ccontrol wordxe2x80x9d and a xe2x80x9ckeyxe2x80x9d. Similarly, the term xe2x80x9cequivalent keyxe2x80x9d is used to refer to a key adapted to decrypt data encrypted by a first mentioned key, or vice versa. Unless obligatory in view of the context or unless otherwise specified, no general distinction is made between keys associated with symmetric algorithms such as DES and those associated with public/private algorithms such as RSA.
The term xe2x80x9creceiver/decoderxe2x80x9d or xe2x80x9cdecoderxe2x80x9d used herein may connote a receiver for receiving either encoded or non-encoded signals, for example, television and/or radio signals, which may be broadcast or transmitted by some other means. The term may also connote a decoder for decoding received signals. Embodiments of such receiver/decoders may include a decoder integral with the receiver for decoding the received signals, for example, in a xe2x80x9cset-top boxxe2x80x9d, such a decoder functioning in combination with a physically separate receiver, or such a decoder including additional functions, such as a web browser or integrated with other devices such as a video recorder or a television.
Similarly, the term xe2x80x9cdigital recording devicexe2x80x9d may designate any suitable device adapted for recording digital data, notably audio and/or visual data, such as DAT machine, a DVD recorder, a DVHS recorder, a mini disc recorder etc.
As used herein, the term xe2x80x9ctransmission meansxe2x80x9d includes any transmission system for transmitting or broadcasting for example primarily audiovisual or multimedia digital data. Whilst the present invention is particularly applicable to broadcast digital audio or television systems, the invention may also be applicable to a fixed telecommunications network for multimedia internet applications, to a closed circuit television, and so on.
In the case of a broadcast audio or television system, the transmission route may include satellite, terrestrial, cable or other medium.