1. Field of the Invention
The present invention relates to systems and methods for preventing/limiting unauthorized access to digital services and in particular to a method and system for uniquely identifying nonvolatile memory such that the identity of the memory is hidden.
2. Description of the Related Art
Digital services such as television programs and information regarding those programs (e.g., a program guide) are distributed to users by a variety of broadcasting methods. Such services may be proprietary and available on a subscription basis. To prevent unauthorized access to the services, a plethora of security mechanisms are utilized. Such mechanisms may store information in memory, wherein the information is used to validate a user or provide access. However, persons often attempt to obtain illegal/unauthorized access to the services by altering or accessing the memory contents. What is needed is the capability to prevent or increase the difficulty of obtaining illegal access to the information and digital services. These problems may be better understood by a description of current broadcasting methods, security mechanisms, and methods for obtaining unauthorized access to such services.
As described above, television programs and digital services are distributed to viewers by a variety of broadcasting methods. These methods include traditional analog broadcast television (National Television Systems Committee or “NTSC” standard), the soon to be required digital broadcast television (Advanced Television Systems Committee or “ATSC” standard), cable television (both analog and digital), satellite broadcasting (both analog and digital), as well as other methods. These methods allow channels of television content to be multiplexed and transmitted over a common transmission medium.
To view the television programming and have access to the digital services, users commonly have a set top box (also referred to as an integrated receiver/decoder [IRD]). Within the system or set top box, a security component/microcircuit known as a smart card may be utilized to prevent unauthorized access to the television programs and digital services. The smart card microcircuit may contain a microprocessor, volatile memory components, nonvolatile memory components, and a system input/output module.
Nonvolatile memory has been used extensively throughout the electronics industry. For example, in the IRD, the microprocessor utilizes nonvolatile memory to contain state information (e.g., status information) used to provide the desired functionality and enforce security policies intended by the designers. The microprocessor and/or a memory access control unit utilized by the microprocessor restricts access to the memory components.
However, there have been numerous attempts by individuals or companies (i.e., hackers or attackers) to attack, misuse, or modify the nonvolatile memory through external means of reprogramming or otherwise altering the contents of the memory when the memory component has been available to the central processor or otherwise on the system bus. For example, attacks using unforeseen methods or subverting poorly implemented defenses can be used to gain unauthorized access to the contents of the memory and/or lead to reprogramming the contents of the memory. Reprogramming or unauthorized access to the memory contents can lead to complete compromise of the security features intended in the device.
The simplest and most prevalent form of attack against the memory components uses external noninvasive means through a system's input/output module, because the equipment required to implement this form of attack is inexpensive. Most attacks occur by inappropriate manipulation of a microprocessor or memory access control unit. For example, memory contents have been subverted when a memory access control unit (that controls access to a memory component) has been compromised. Once a single memory component has been breached, the attacker may then have the capability to access all memory address locations that reside in other memory components.
An example of unauthorized access to digital services occurs when a smart card or memory component is cloned. In such a low cost cloning attack, the identity of a card is copied to a new card. Accordingly, smart cards/memory components have an unchangeable identity/identification number. In the prior art, the identification number may be established as a hardwired identification number in read only memory (ROM). However, using a new ROM mask with a hardwired identification number for each chip produced is expensive and time consuming. Further, identification numbers in the prior art are accessible to the system input/output module, system bus, microprocessor, or external environment, thereby allowing attacks to the system.
In the prior art, the smart card identification number may be used by the IRD to allow or deny access to digital services, for example rejecting the card if the number falls outside the normal range of numbers used by the broadcaster. Similarly, the card may be rejected if the number appears in a blacklist message received by the IRD, identifying card numbers no longer in use, or cards whose service has been terminated, or card numbers known to be used by pirate devices. Alternately, the card may be rejected if the number does not appear in a received list of valid cards. Alternately, a pairing message may be received from the broadcaster, or entered by the subscriber, identifying a single card number authorized for use in that specific IRD, so that any other card is rejected. In order to apply the operations in these examples, the card identification number must be read by the IRD, using an input-output operation between the card and IRD. Since this identification number is observable, it may be copied and used by pirate devices to obtain similar access rights as the original.
Such an attack is particularly damaging if the identification number can be copied from one card to other cards originally manufactured and distributed by the service provider, since this not only causes losses due to the pirating of services, but also the loss of use and potential revenue from the other cards. One method to deter such a cloning attack is to store the identification number in a manner that may be read but may not be modified. Earlier embodiments in the prior art were easily circumvented by internal and external attacks including inappropriate manipulation of a microprocessor or memory access control unit. The current invention improves on such embodiments by storing the identification number in a separate and protected non-volatile memory.
While write-protected storage may prevent the pirate from copying the identifier into the service provider cards, it does not prevent the pirate from manufacturing other devices that use an identification number that has been copied from a valid card, or obtained by intercepting the input-output between a valid card and IRD, or by randomly generating potential card numbers and using trial and error until a number succeeds.
In the prior art, such attacks have been limited by additional hidden identification numbers that protect and/or validate the observable card identification number. For example, a zero knowledge identification procedure allows the IRD to validate the observable card number by checking card responses that are based on a different but related hidden number. In another example, a public-key digital signature algorithm allows the IRD to validate the observable card number by checking the digital signature from the card that is based on additional hidden information. In these and many other similar examples, the IRD (or a server, in the case of service requests from the IRD or card to the server by broadband or a dial-up back-channel) is able to validate the observable card identification number (or other information or requests from the card) by checking whether or not the card output data is consistent with internal card procedures or algorithms operating on hidden card identification numbers, and thereby the IRD (or server) may deny service for invalidated cards that fail to satisfy this proof of identity.
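As an added illustration (not part of the patent text or any product it describes), the following Python models the IRD-side checks on the observable card number listed earlier (range, blacklist, valid-card list, pairing) together with a proof-of-identity step of the kind just described: the card answers a fresh challenge using a hidden key that never crosses its input/output interface, and the verifier (IRD or head-end server) checks that answer. The key-diversification scheme (a per-card hidden key derived by HMAC from a broadcaster master key), the HMAC-based response, the class and function names and all sample values are assumptions chosen for this example; the patent speaks of zero-knowledge and public-key signature procedures, and the symmetric scheme here stands in for them only to show the shape of the check.

```python
"""IRD-side admission checks for a smart card identification number, combined
with a challenge-response proof of identity bound to a hidden per-card key.

Constructed illustration: the broadcaster derives each card's hidden key from a
master key and the card's observable number (key diversification), and the
verifier (IRD or head-end server) holds the master key.  Names and values are
assumptions for this example, not the patent's own.
"""
import hashlib
import hmac
import os
from typing import Callable, Iterable, Optional, Tuple

# Constructed sample values for the demonstration.
MASTER_KEY = b"constructed-broadcaster-master-key"
VALID_RANGE = (1000, 1999)   # card numbers the broadcaster actually issued
ID_LEN = 4                   # card number is carried as a 4-byte big-endian field


def card_id_bytes(card_id: int) -> bytes:
    return card_id.to_bytes(ID_LEN, "big")


def derive_hidden_key(master_key: bytes, card_id: int) -> bytes:
    """Per-card hidden key = HMAC(master, card number); done once at personalisation."""
    return hmac.new(master_key, card_id_bytes(card_id), hashlib.sha256).digest()


def identity_response(hidden_key: bytes, card_id: int, challenge: bytes) -> bytes:
    """The card-side procedure that operates on the hidden key; only its output
    ever crosses the card's I/O module."""
    return hmac.new(hidden_key, challenge + card_id_bytes(card_id), hashlib.sha256).digest()


class Card:
    """Simulated smart card.  read_id() models the observable number; the hidden
    key is held privately and used only inside respond(), modelling a key kept in
    protected memory that the I/O module cannot read out."""

    def __init__(self, card_id: int, hidden_key: bytes) -> None:
        self.card_id = card_id
        self._hidden_key = hidden_key

    def read_id(self) -> int:
        return self.card_id

    def respond(self, challenge: bytes) -> bytes:
        return identity_response(self._hidden_key, self.card_id, challenge)


class IRD:
    """Verifier applying the policy checks on the observable number, then the
    proof of identity.  Returns (admitted, reason) so each rejection is explained."""

    def __init__(self, master_key: bytes, valid_range: Tuple[int, int],
                 blacklist: Iterable[int] = (), whitelist: Optional[Iterable[int]] = None,
                 paired_id: Optional[int] = None,
                 rng: Callable[[int], bytes] = os.urandom) -> None:
        self.master_key = master_key
        self.valid_range = valid_range
        self.blacklist = set(blacklist)
        self.whitelist = set(whitelist) if whitelist is not None else None
        self.paired_id = paired_id
        self.rng = rng

    def admit(self, card: Card) -> Tuple[bool, str]:
        card_id = card.read_id()          # the observable I/O read the text describes
        lo, hi = self.valid_range
        if not lo <= card_id <= hi:
            return False, "number outside broadcaster range"
        if card_id in self.blacklist:
            return False, "number on blacklist"
        if self.whitelist is not None and card_id not in self.whitelist:
            return False, "number not on valid-card list"
        if self.paired_id is not None and card_id != self.paired_id:
            return False, "card not paired with this IRD"
        # A copied or guessed number passes the checks above; the fresh challenge
        # makes the card prove it also holds the hidden key behind that number.
        challenge = self.rng(16)
        expected = identity_response(derive_hidden_key(self.master_key, card_id), card_id, challenge)
        if not hmac.compare_digest(expected, card.respond(challenge)):
            return False, "proof of identity failed"
        return True, "admitted"


def demo() -> dict:
    """Run the scenarios from the text; returns each outcome for inspection."""
    genuine = Card(1234, derive_hidden_key(MASTER_KEY, 1234))
    # A device that learned only the observable number 1234 (by reading or
    # intercepting I/O) and not the hidden key behind it.
    number_only = Card(1234, b"not-the-real-hidden-key")
    ird = IRD(MASTER_KEY, VALID_RANGE, blacklist={1500})
    return {
        "genuine": ird.admit(genuine),
        "number_only": ird.admit(number_only),
        "out_of_range": ird.admit(Card(5, derive_hidden_key(MASTER_KEY, 5))),
        "blacklisted": ird.admit(Card(1500, derive_hidden_key(MASTER_KEY, 1500))),
        "unpaired": IRD(MASTER_KEY, VALID_RANGE, paired_id=1111).admit(genuine),
    }


if __name__ == "__main__":
    for name, (ok, why) in demo().items():
        print(f"{name:12s} {'ADMIT' if ok else 'REJECT'}: {why}")
```

The observable-number checks alone admit any device that presents an in-range, unlisted number, which is exactly the weakness the text attributes to the prior art; the challenge step is what ties admission to possession of the hidden key, and because the challenge is fresh on every admission a recorded card response does not verify later. In a deployed system the master key would sit at the broadcaster's server rather than in every IRD; the example collapses the two only to keep the exchange in one process.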
In the prior art, the hidden identification numbers are commonly stored in non-volatile memory directly accessible for reading or writing by the internal microprocessor, which performs the identification procedures and algorithms in software. In these embodiments, the hidden information is assumed to be protected because the system input-output is not designed with specific commands to read or change this data. However, pirates have frequently succeeded in cloning attacks on such systems by reading the hidden information using external noninvasive attacks on the volatile or non-volatile memory components by inappropriate manipulation of a microprocessor or memory access control unit. The current invention improves upon such embodiments by storing the hidden identification number in a separate and protected non-volatile memory that cannot be read or altered by the microprocessor, and using a custom logic block to perform identification procedures.
In the prior art, methods have been taught for storing device keys in protected memory, where these hidden keys are used to produce the content decryption keys required for decrypting, and thereby gaining access to, digital content. However, such prior art does not disclose the storage of hidden identification numbers in protected memory, where these hidden identification numbers are used to identify devices that are permitted access to digital content as well as other services or systems.