This invention relates generally to the area of cryptography. More specifically, the invention relates to cryptographically securing a change in security levels (e.g., encryption/decryption and authentication levels) used in a data transmission.
In the area of data transmission there is a need to secure messages that are transmitted so as to ensure that the messages are not compromised. One way to ensure this is by way of cryptography to encrypt a message at the transmitting end and to decrypt the received message at the receiving end. In this manner, someone who does not know the key used when the message is encrypted cannot gain access to the message content or successfully modify the message. An example of this need can be seen in systems that encrypt and protect MPEG transport streams. Conditional access messages flow from transmitters to receivers to enable users to view video and audio programs. These conditional access messages should not be compromised. In addition to encryption/decryption, authentication serves as another cryptographic measure used to secure a transmission.
In some systems, the need for security varies depending on the content of the message, as well as who has access to a transmitted signal, etc. Thus, for example, it would be useful if a message signal could be encrypted at different security levels at different points in time. This would facilitate the person transmitting a message to transmit a low level security message at one level of security and to transmit a second message having a higher need for security at a higher level of security.
Encryption algorithms often require a great deal of resources, such as memory for complicated encryption algorithm code, memory to store intermediate data produced by the cryptographic algorithm, processing power, instruction cycles, etc. Thus, one may send a message at the lowest level of encryption that is suitable for that particular message. Consequently, there is a need to be able to send messages that vary by their level of encryption.
Implementing changes in encryption could potentially be very complicated. Hence, when implementing a change to a higher level of encryption or security, it would be desirable to make such a change in a relatively easy manner.
While it is desirable to make a change from a low level of encryption to a high level of encryption in a relatively easy manner, one should make sure that a system is not compromised when a change is made from a high level of security to a low level of security. Namely, while an attacker who feints a change in security from low level to high level would cause the transmitter and receiver to utilize extra processing resources, the sent message would be less likely to be compromised because it would become secured according to a more secure algorithm. However, if an attacker is able to cause a shift to a low level of security from a high level of security, the attacker has made the process of breaking the code that much easier. Therefore, there is a need for a system that allows the change in security levels to be a secure change.