Cable-television systems are one of a myriad of electronic applications where subscriber access is desired. Typically, the subscriber access is provided through use of encrypted signals and some type of decoder. For cable-television systems it is not uncommon to have a receiver and a decoder as a set-top box from which a television or other device may display the information received. One of the ways in which such systems may operate is for the set-top box to have embedded within it a decryption code or key. This decryption code is then used by the broadcast facility to deliver the keys necessary to provide individualized access allowing the set-top box to decrypt a video service. The decryption code may be a cryptographic key and is frequently provided to the set-top box at time of manufacture. A separate third person is often used to understand and have access to all of the codes for the manufactured boxes. This third person is trusted to maintain the secrecy of the various codes and is referred to as a trusted authority. After manufacture and providing the codes to the trusted authority, a broadcast facility who has purchased or otherwise provided the set-top box obtains that specific box's decryption code by utilization of the trusted authority. Unfortunately, perfect trust is never possible. There is also uneasiness as to the origination of the knowledge with respect to these decryption or cryptographic keys. Generally, there is a desire not to provide any possibility of access to one's competitors or to unknown persons such as overseas manufacturing capabilities or the like. This is compounded by the fact that it is not practical for each broadcast provider to have their own manufacturing facility for their own set-top boxes. Thus it has been a long felt desire to somehow eliminate the need for and use of a trusted authority while yet maintaining use of specific individualized encryption codes for particular devices.
These desires exist because in spite of the often extreme precautions taken to protect decryption keys, the cable industry has more than 25 years of experience with attacks on its security systems. Compromised authorization remains an important consideration, and attacks such as cloning, musketeering, replaying messages, substituting message language, insider compromises, and vulnerability of trusted hardware still remain to name but a few. For some time, there has existed a goal of being able to provide a true one-way system that can securely provide broadcast signals on a subscriber basis without any trusted authority or other risk relative to a potential compromise of the decryption keys used.