Title of Invention

A PAY-TV RECEPTION SYSTEM

Abstract Pay-TV reception system comprising a receiver (A) connected to security means (C, D, F), this receiver (A) receiving descrambling information from the security means (C, D, F), characterized in that at least some of the information (4, 6) sent from the security means (C, D, F) to the receiver (A) are encrypted by a unique encryption key.
Full Text FORM 2
THE PATENTS ACT 1970 [39 OF 1970]
COMPLETE SPECIFICATION
[See Section 10 and Rule 13]
"A PAY-TV RECEPTION SYSTEM"
NAGRACARD S.A., of Route de Geneve 22, CH-1033 Cheseaux-sur-Lausanne, Switzerland,
The following specification particularly describes the nature of the invention and the manner in which it is to be performed:-


The present invention relates to a pay-TV reception system.
This invention relates to a system for controlling the transfer of information between a receiver and a security module, especially for a pay television system, as well as to a method of controlling the transfer of scrambled information.
BACKGROUND OF THE INVENTION
A pay television descrambling system is composed of a receiver and a security module. This module may be detachable or fixed. The purpose of the receiver is to descramble the signals received. The main purpose of the security module is to control the operation by verifying the descrambling authorization and by providing, as required, the information necessary for operating the descrambling module, for example by providing descrambling vectors, also called control words.
The existing systems use receivers which interrogate their security modules, and the latter reply by providing the information necessary for descrambling. At a given time, for the same transmitted broadcast, all the security modules reply with the same information. Because the information flows between the security module and the receiver at a low rate (of about 20 to 30 bytes/s), defrauders may use this information in order to broadcast it publicly, for example via the Internet.
The problem then arises of how to make a receiver and a security module interdependent so that:
-the given security module can be used only in the receiver for which the said security module was intended;
-the information stream exchanged between the security module and the receiver is unique. This uniqueness prevents the public broadcasting of this stream from allowing other receivers to work without the security module provided for this purpose.

SUMMARY OF THE INVENTION
The proposed solution to the abovementioned problem uses at least one encryption key specific to the receiver. This (or these) key(s) is(are) called a matching key. At least one of the keys is different for each 5 receiver. This (or these) key(s) is(are) installed in the non-volatile memory of the receiver, either during the manufacture of the said receiver or at a subsequent step. The receiver provides no means of access to this (or these) key(s) to the external world.
One possible means of programming this key into the security 10 module is to use the central information system which manages the group of receivers and which can embed, in the video transmission stream, information for programming this key into the secret non-volatile memory of the security modules. The formatting of this procedure is, of course, kept secret.
15 When transferring confidential information and/or information
necessary for the operation of the system from the security module to the receiver (typically, control words, but other information may be thus transferred), the security module encrypts this information using one or more unique matching keys common to the single receiver/security module
20 pair. Any method of encryption can be used provided the security module knows it, and the receiver knows the corresponding method of decryption. Once this information has been received by the receiver, it is then decrypted by the said receiver using the known method of decryption and the matching key stored in its non-volatile memory. The said information is
25 then uncoded information and can be used by the said receiver.
The invention therefore proposes a system for controlling the transmission of information between a receiver and a security module, especially for a pay television system, in which the transmitted information is encrypted and decrypted by means of at least one unique encryption key 30 stored, on the one hand, in the receiver and, on the other hand, in the security module.
The invention also relates to a system for descrambling scrambled information and to a pay television system comprising a transmission control system.


Moreover, the invention relates to a method of controlling the transmission of information between a receiver and a security module, especially for a pay television system, characterized in that at least one unique matching key is stored, on the one hand, in the receiver and, on the 5 other hand, in the security module and in that the information transmitted between the receiver and the security module is encrypted and decrypted by means of at least one said unique encryption key.
This solution according to the invention solves the problem posed. This is because:
10 - a security module inserted into a receiver other than that for
which the said security module has been matched will provide this other receiver with a stream of confidential information and/or of information necessary for the operation of the system which is encrypted with a key that does not correspond to that used for decrypting it. The result is
15 therefore unusable;
a stream of confidential information and/or of information
necessary for the operation of the system coming from a security module
cannot be distributed to several receivers. Only the receiver matched with
the card providing this stream of confidential and/or necessary information
20 is able to decrypt the said stream successfully.
The system may comprise a mechanism for verifying the matching procedure. The central information system may write a number, personal to the receiver, in the security module matched with the said receiver, for example a number generated randomly by the latter, or may 25 simply use its serial number. One means open to the receiver is to freely verify this personal number written in the security module and to compare it with that stored in its non-volatile memory.
This mechanism has the advantage of not using improper data.
The result of encryption followed by decryption by a different key usually
30 provides a pseudo-random result. If the result is not recognized as being
false and if this result is used as it is, this could result in the receiver or the
equipment connected to it being damaged.
Certain types of receivers have a detachable descrambling module. This module is responsible for a number of operations, among


which is the operation of descrambling the signals received. Confidential information is then transferred between the detachable security module and this detachable descrambling module. The mechanism of encryption of the communication, described above, between a receiver and a security 5 module is then transferred, as it is, between the detachable security module and the detachable descrambling module.
Likewise, the method of matching, described above, between the security module and the receiver is then transferred, as it is, between the detachable security module and the detachable descrambling module.
10 Descrambled signals are then transferred between the
detachable descrambling module and the receiver. The mechanism of encrypting the communication, along with the mechanism of matching, described above, between the security module and the receiver, is then transferred, as it is, between the receiver and the detachable descrambling
15 module.
The functions provided by the detachable descrambling module
and the detachable security module may be carried out by a single
module, called a detachable descrambling-security module. The matching
mechanism described above is then transferred, as it is, between the
20 detachable descrambling-security module and the receiver.
In all the cases described above, the matching key or keys may be used to encrypt a stream of confidential data and/or of data necessary for operating the system in the opposite direction, by reversing, respectively:
25 - the receiver and the detachable security module;
the detachable descrambling module and the detachable security module;
the receiver and the detachable descrambling module;
the receiver and the detachable descrambling-security module.
30 In all cases where a matching key is specific to one item of
equipment (a receiver or a detachable module), the same principles apply

to the use of a matching key (or several matching keys) specific to a group of items of equipment.
BRIEF DESCRIPTION OF THE FIGURES
Figure 1 illustrates a configuration employing a receiver and a 5 detachable security module.
Figure 2 illustrates a configuration employing a receiver, a detachable descrambling module and a detachable security module.
Figure 3 illustrates a configuration employing a receiver and a detachable descrambling-security module.
10 DETAILED DESCRIPTION
The receiver A in Figure 1 receives a stream of scrambled video information 1 from a source such as a satellite receiver or by cable. This stream, of the order of several megabits per second, is shaped in the receiver A and then transmitted to a control unit B which is responsible for
15 the descrambling and for managing the authorization for access to the scrambled video information. To do this, this control unit B periodically interrogates the detachable security module C (channel 3) which replies to the latter with a stream of confidential data and/or of data necessary for the operation of the control unit B (channel 4). These exchanges take place at
20 low rates and can be easily processed by the microprocessors of smart cards available on the market. According to the invention, the detachable security module C comprises at least one encryption key K in a non-volatile memory which encrypts the confidential data and/or the data necessary for operation of the control unit B (channel 4) towards the receiver A. This key
25 K is unique to the receiver A and written to the detachable security module C, making the information stream 4 unique to this system. The public broadcasting of this information 4 will no longer be of any use to other receivers as, in the case of the latter, since they are not in possession of the same key K, the information stream is completely incomprehensible.
30 By means of the information 4, the control unit B can recover the descrambled video signal 2, this being processed and then transmitted in standard form (PAL, SECAM, NTSC) to the video monitor.

A variant of the invention employs encryption, of the same kind, of the information 3 sent to the detachable security module C either using the same key K or using a different key J, which is unique and specific to the system formed by the receiver A and the detachable security module 5 C. Thus, any attempt to recover the key K from the information stream 4 is made much more difficult.
Figure 2 illustrates a variant using a detachable descrambling module D which incorporates the control unit B. In this case, the scrambled video stream 1 is shaped by the receiver A and sent to the detachable
10 descrambling module D. The mode of operation described in the case of Figure 1 between the receiver A and the detachable security module C is this time applied to the conversation between the detachable descrambling module D and the detachable security module C. The key K is written in a secret part of the detachable descrambling module D instead of the
15 receiver A. Thus, the information provided by the detachable security module C to the detachable descrambling module D is encrypted and therefore of no value to another detachable descrambling module D.
It may thus be seen that the information sent to the receiver A consists of a stream of descrambled video information 6 which can be
20 readily exploited, for example for illicit copies. In one variant of the invention, the stream 6 is encrypted in the detachable descrambling module D before being sent to the receiver A for descrambling by the decrypting unit E'. This operation is carried out using a key K' specific only to the receiver A/detachable descrambling module D system.
25 Consequently, the information stream 6 no longer has any meaning and can be understood only by the receiver A having the same key K'.
The receiver A may add, to the scrambled video stream 1, control information intended for the detachable descrambling module D. In order to prevent this information from being public and from opening a door 30 to understanding the encryption mechanism, this information is encrypted by the encryption unit E in order to obtain a scrambled video stream 6 containing encrypted control information.
Figure 3 illustrates a variant of the invention in which the
detachable security module is incorporated into a detachable
35 descrambling-security module F. The function of this module is to

descramble and to manage the authorization of the video signals received by the receiver A. According to the invention, this module includes a unique encryption key specific to the receiver A and written in this detachable descrambling-security module F. Likewise, the descrambled 5 video stream 6 is encrypted by this key and sent in this form to the receiver A. The latter, by means of the decryption unit E' and by using the same unique key, will be able to recover the uncoded video signal.
By analogy with the operation described in relation to Figure 2, the control information contained in the scrambled video stream 1 may be 10 encrypted by means of a unique encryption key by the unit E before it is sent to the detachable descrambling-security module F.
In all the examples described in relation to Figures 1 to

3, the matching may be checked. In the case of Figure 1, the receiver A writes a personal number, for example its serial number, in the detachable security
15 module C. Thus, the receiver can at any instant verify that the detachable security module C is indeed that which is intended for it. In the context of the example illustrated in Figure 2, the check may be made at two levels, namely a first level between the detachable descrambling module D and the detachable security module C and a second level between the
20 detachable descrambling module D and the receiver A. This second level is particularly important if the unscrambled information 6 sent to the receiver A is encrypted.



In the solution shown in Figure 3, the matching is checked between the receiver A and the detachable descrambling-security module 25 F.
In one embodiment of the invention, the receiver A is an MPEG
decoder using control words (information necessary for descrambling the
signal) in order to descramble the video signal. These control words are
provided by the detachable security module C. This module, for example a
30 smart card, includes a non-volatile memory for storing them.
In one embodiment of the invention, the detachable descrambling module D is a PCMCIA-type card which includes an MPEG decoder (control unit B).

In one embodiment of the invention, the detachable descrambling-security module F is produced in the form of a smart card which incorporates an MPEG decoder and a security module C.
In one embodiment of the invention, the unique encryption key 5 K is common to a group of receivers. This possibility is advantageous, for example in a school having several receivers to which the same detachable security module is applied depending on the requirements. Likewise, several detachable security modules include the same encryption key in order to be able to be placed in any one of the receivers
10 in the group. In this case, the matching check is carried out on a number which is no longer specific to one receiver but to a group of receivers. A combination may be produced with a number composed of two parts, one part defining the group and the other the receiver. The uniqueness of the personal number is respected, the matching conformity test then being
15 carried out on more than just the group part of this number.

WECLAIM:

1. Pay-TV reception system comprising a receiver (A) connected to security means (C, D, F), this receiver (A) receiving descrambling information from the security means (C, D, F), characterized in that at least some of the information (4, 6) sent from the security means (C, D, F) to the receiver (A) are encrypted by a unique encryption key.
2. Pay-TV reception system as claimed in claim 1, wherein the unique encryption key is common to a group of receivers.
3. Pay-TV reception system as claimed in claim 1 or 2, wherein at least some of the information (3, 5) sent from the receiver (A) to the security means (C, D, F) is encrypted by a unique encryption key.
4. Pay-TV reception system as claimed in claims 1 to 3, wherein the receiver (A) includes a personal number which may be written in the security means (C, D, F), it being possible for the said receiver (A) to verify at any time the conformity of this personal number written in the said security means (C, D, F).
5. Pay-TV reception system as claimed in claim 4, wherein the personal number comprises a part specific to a group of receivers and a part specific to one receiver and in that the conformity of the matching is verified on the part specific to the group of receivers.
6. Pay-TV reception system as claimed in claims 1 to 5, wherein the receiver (A) includes a control unit (B) and in that the security means consist of a detachable security module (C) in which the confidential information (4) and/or the information (4) necessary for the operation of the control unit (B) is stored.
7. Pay-TV reception system as claimed in claims 1 to 5, wherein the security means comprise a detachable descrambling-security module (F) comprising a control unit (B) and a security unit (C), these units being responsible for descrambling and for authorizing the video information.
8. Pay-TV reception system comprising a receiver (A) connected to security means (C, D, F), this receiver (A) receiving descrambling information from the security means (C, D, F), wherein these security means comprise a detachable security module (C) and a detachable descrambling module (D) which includes a control unit (B) and in that at least some of the confidential information (4) and/or of the information (4) necessary for the operation of the control unit (B) is encrypted before being sent to the detachable descrambling module (D) by the detachable security module (C) by means of a unique encryption key.
9. Pay-TV reception system as claimed in claims 8, wherein at least some of the information (3) sent from the detachable descrambling module (D) to the security module (C) is encrypted by a unique encryption key.

10. Pay-TV reception system as claimed in claim 8 or 9, wherein the detachable descrambling module (D) includes a personal number which may be written in the detachable security module (C), it being possible for the said detachable descrambling module (D) to verify at any time the conformity of this personal number written in the said detachable security module (C).
11. Pay-TV reception system as claimed in claim 10, wherein the personal number comprises a part specific to a group of detachable descrambling modules (D) and a part specific to one detachable descrambling module (D) and in that the conformity of the matching is verified on the part specific to the group of detachable descrambling modules (D).
12. Pay-TV reception system as claimed in claims 9 to 11, wherein at least some of the information (5) sent from the receiver (A) to the detachable descrambling module (D) is encrypted by a unique encryption key.
13. Pay-TV reception system as claimed in claims 9 to 12, wherein at least some of the information (6) sent from the detachable descrambling module (D) to the receiver (A) is encrypted by a unique encryption key.
14. Pay-TV reception system as claimed either in claims 12 and 13, wherein the receiver (A) includes a personal number which may be written in the detachable descrambling module (D), it being possible for the said receiver (A) to verify at any time the conformity of this personal number written in the said detachable descrambling module (D).
Dated this 11th day of October, 2000.
(RITUSHKA NEGI)
OF REMFRY & SAGAR
ATTORNEY FOR THE APPLICANTS

Documents:

abstract1.jpg

in-pct-2000-00494-mum-cancelled pages(7-6-2004).pdf

in-pct-2000-00494-mum-claims(granted)-(07-06-2006).doc

in-pct-2000-00494-mum-claims(granted)-(7-6-2004).pdf

in-pct-2000-00494-mum-correspondence(11-06-2004).pdf

in-pct-2000-00494-mum-correspondence(ipo)-(7-11-2006).pdf

in-pct-2000-00494-mum-drawing(7-6-2004).pdf

in-pct-2000-00494-mum-form 1(11-10-2000).pdf

IN-PCT-2000-00494-MUM-FORM 16(9-8-2011).pdf

in-pct-2000-00494-mum-form 1a(11-10-2000).pdf

in-pct-2000-00494-mum-form 2(granted)-(07-06-2006).doc

in-pct-2000-00494-mum-form 2(granted)-(7-6-2004).pdf

in-pct-2000-00494-mum-form 3(11-10-2000).pdf

in-pct-2000-00494-mum-form 3(26-5-2004).pdf

in-pct-2000-00494-mum-form 4(11-3-2004).pdf

in-pct-2000-00494-mum-petition under rule 137(26-5-2004).pdf

in-pct-2000-00494-mum-petition under rule 138(11-6-2004).pdf

in-pct-2000-00494-mum-power of authority(10-9-2000).pdf


Patent Number 203655
Indian Patent Application Number IN/PCT/2000/00494/MUM
PG Journal Number 19/2007
Publication Date 11-May-2007
Grant Date 07-Nov-2006
Date of Filing 11-Oct-2000
Name of Patentee NAGRACARD S.A.
Applicant Address ROUTE DE GENEVE 22, CH-1033 CHESEAUX-SUR-LAUSANNE, SWITZERALAND.
Inventors:
# Inventor's Name Inventor's Address
1 ANDRE KUDELSKI AND MARCO SASSELLI BOTH ARE SWISS CITIZENS.
2 MARCO SASSELLI 20 CHEMIN DES ROCHES, CH-1803 CHARDONNE, SWITZERLAND.
PCT International Classification Number N/A
PCT International Application Number N/A
PCT International Filing date 1999-05-06
PCT Conventions:
# PCT Application Number Date of Convention Priority Country
1 00681 1998-05-07 Switzerland