Wasilewski et al.

METHOD AND APPARATUS FOR PROVIDING CONDITIONAL ACCESS IN CONNECTION-ORIENTED, INTERACTIVE NETWORKS WITH A MULTIPLICITY OF SERVICE PROVIDERS

Inventors: Anthony John Wasilewski, Alpharetta; Douglas F. Woodhead, Lawrenceville; Gary Lee Logston, Tucker, all of Ga.
Assignee: Scientific-Atlanta, Inc., Norcross, Ga.

Appl. No.: 580,759
Filed: Dec. 29, 1995

Related U.S. Application Data

Provisional application No. 60/007,962, Dec. 4, 1995.
Int. Cl.: H04L 9/00; H04K 1/00
U.S. Cl.: 380/21; 380/23; 380/25; 380/49
Field of Search: 380/21, 23, 25, 49

References Cited

U.S. PATENT DOCUMENTS

33,189       3/1861   Lee et al.             380/20
4,405,829    9/1983   Rivest et al.          380/30
4,531,020    7/1985   Wechselberger et al.   178/22.08
4,613,901    9/1986   Gilhousen et al.       358/122
4,634,807    1/1987   Chorley et al.         380/4
4,912,762    3/1990   Lee et al.             380/24
5,029,207    7/1991   Gammie                 380/10
5,124,117    6/1992   Tatebayashi et al.     380/21
5,237,610    8/1993   Gammie                 380/10
5,341,525    8/1994   Wasilewski et al.      380/20
5,381,481    1/1995   Gammie et al.          380/49
5,400,401    3/1995   Wasilewski et al.      380/9
5,420,866    5/1995   Wasilewski             370/110.1
5,473,692   12/1995   Davis                  380/25
5,481,542    1/1996   Logston et al.         370/94.2
5,481,613    1/1996   Ford et al.            380/30
5,557,678    9/1996   Ganesan                380/21
`
Patent Number: 5,870,474
Date of Patent: Feb. 9, 1999
`
OTHER PUBLICATIONS

Diffie et al., "Authentication and Authenticated Key Exchanges," Designs, Codes and Cryptography 2, 107-125 (1992).
Bruce Schneier, "Applied Cryptography," 357-363 (1995).
Menezes et al., "Handbook of Applied Cryptography," 506-525 (1996).
MPEG Systems International Standards Reference (ISO/IEC JTC1/SC29/WG 11 N0801, Nov. 1994, ISO Reference No. 13818-1).
Wasilewski, A., "Universal Multi-Program Multiplex and Transport for MPEG-2 Systems," International Organization for Standardization, ISO/IEC JTC1/SC29/WG 11 MPEG 93/170 (Jan. 1993).
Wasilewski, A., "An MPEG-2 Multi-Program Multiplex Syntax," International Organization for Standardization, ISO/IEC JTC1/SC29/WG 11 MPEG 93/170 (Jan. 1994).

Primary Examiner: Thomas H. Tarcza
Assistant Examiner: Hrayr A. Sayadian
Attorney, Agent, or Firm: Kenneth M. Massaroni; Kelly A. Gardner; Hubert J. Barnhardt, III

ABSTRACT

A control system provides secure transmission of programs, including at least one of video, audio, and data, between a service provider and a customer's set top unit over a digital network. Program bearing data packets are received in a first network protocol over a first data link and removed from the first network protocol. Packets representing a particular program requested by a customer having a set top unit are selected. Conditional access is provided to the selected program. In particular, program bearing packets are encrypted according to a first encryption algorithm using a first key, which is then encrypted according to a second encryption algorithm using a second key. The first keys are transported in packets to the customer's set top units along with the program packets. A public key cryptographic technique encrypts the second key such that the public key used in the encryption corresponds to the private key of the customer's set top unit. After the conditional access layers have been added, the packets are encapsulated and output in a second network protocol destined for the set top unit.
`
`50 Claims, 17 Drawing Sheets
`
`59
`
`ETHERNE
`ENERFACE
`
`5
`
`CONROL
`PROCESSOR
`
`DU, POR
`A.
`
`
`
`155
`CONTROL
`WOR)
`STORACE
`
`RANDOM
`NUMBER
`GENERATOR
`
`CHANNE
`BANK
`INTERFACE
`
`164
`
`CONTROL
`CARD
`
`22
`
`
`
`153
`
`TRIPE
`DES
`NCRPEER
`
`162
`
`PACKET
`MUX
`
`PACKET
`ENCRYPTION
`PROCESSOR
`
`58
`
`f
`
`PACK
`DISTR8UTION
`154
`166.
`BOCK
`
`DES
`Block
`DES
`
`66b
`
`|-
`|
`
`l
`
`Comcast, Ex. 1019
`
`1
`
`
`
`5,870.474
`Page 2
`
`U.S. PATENT DOCUMENTS
`5,557,765 9/1996 Lipner et al. ............................. 380/21
`5,559,889 9/1996 Easter et al. .............................. 380/30
`5,563,950 10/1996 Easter et al. ..
`... 380/30
`5,568,552 10/1996 Davis ............
`... 380/4
`5,583,939 12/1996 Chang et al. ............................. 380/21
`
`
`
`OTHER PUBLICATIONS
`Wasilewski, A., “Requirements and Method for High-Level
`Multiplexing of MPEG and Other Digital Service Citstreams
`with Universal Transport Layer”, International Organization
`for Standardization, ISO/IEC JTC1/SC2/WG 11 MPEG
`92/754, (Nov., 1992).
`
`2
`
`
`
`
U.S. Patent   Feb. 9, 1999   Sheet 8 of 17   5,870,474

FIG. 3A (block labels): CLEAR CW; PRIVATE-KEY ENCRYPT (e.g., TRIPLE DES); ONE-WAY HASH FUNCTION (e.g., MD5); ENCRYPTED CW; AUTHENTIC; NON-AUTHENTIC.
`
`
`
U.S. Patent   Feb. 9, 1999   Sheet 9 of 17   5,870,474

FIG. 3B (block labels): CLEAR EMM; ONE-WAY HASH FUNCTION (e.g., MD5); SP PRIVATE KEY; PUBLIC-KEY ENCRYPT (e.g., RSA); STU PRIVATE KEY; PUBLIC-KEY DECRYPT (e.g., RSA); TOKEN; CLEAR EMM; MESSAGE IS AUTHENTIC.
`
`
`
U.S. Patent   Feb. 9, 1999   Sheet 10 of 17   5,870,474

FIG. 4 (block labels): MPEG-2 TRANSPORT PACKET: PACKET HEADER (4 BYTES); ADAPTATION FIELD (OPTIONAL) (N BYTES); PACKET DATA (184-N BYTES).

FIG. 5 (block labels, the ATM mapping figure of the brief description): MPEG LAYER: MPEG-2 TRANSPORT PACKET; COMMON PART CONVERGENCE SUBLAYER; SEGMENTATION AND REASSEMBLY SUBLAYER: SAR PAYLOAD; ATM LAYER: CELL PAYLOAD.
`
`
`
`
U.S. Patent   Feb. 9, 1999   Sheet 12 of 17   5,870,474

FIG. 7 (block labels): SUBFRAME; REED-SOLOMON PARITY (8 BYTES).
`
`
`
`
U.S. Patent   Feb. 9, 1999   Sheet 14 of 17   5,870,474

FIG. 9 (block labels): STS-3c TRANSPORT OVERHEAD.
`
`
`
`
`5,870,474
`
`1
`METHOD AND APPARATUS FOR
`PROVIDING CONDITIONAL ACCESS IN
`CONNECTION-ORIENTED, INTERACTIVE
`NETWORKS WITH A MULTIPLCITY OF
`SERVICE PROVIDERS
`
`15
`
`2
`network. A provider of Level 2 services is defined by the
`FCC as an enhanced Services provider and is not regulated
`by the FCC. Significantly, these FCC regulations limit the
`control a Level 1 services provider may have over Level 2
`Services.
`In a Level 1/Level 2 system, which is under the jurisdic
`tion of the FCC, the SP resides in Level 2 and the control that
`the SP can exercise over Level 1 Services is restricted.
`However, in any System where a SP is delivering programs
`to a customer Over a network, the SP has a need to prevent
`the unauthorized access to the programs provided to the
`customer. For example, a nonSubscriber may attempt to
`illegitimately receive the programs intended for the use of
`paying Subscribers. This protection of programs through the
`prevention of unauthorized acceSS is referred to as “condi
`tional access.” AS used herein the terms “conditional access”
`and “conditional access layer” broadly refer to the control
`mechanisms, data Structures and commands that provide for
`Selective acceSS or denial of Specific Services. Prior art
`Systems have provided conditional access by encrypting the
`programs at the SPSite and decrypting the programs at the
`customer Site.
`For example, Lee et al., U.S. Pat. No. Re. 33,189, dis
`closes a System using an encryption mechanism for provid
`ing conditional acceSS in a Satellite television System and is
`hereby incorporated by reference. In Lee, a program is
`Scrambled at a SP Site using a frequently changing random
`number. The random numbers are encrypted with a key and
`broadcast along with the program to customer Sites. Cus
`tomers who have paid receive the key, encrypted with the
`unique ID that is embedded in their set top unit (STU). These
`customers STUS can decrypt the key using the unique ID
`embedded therein. The customers’ STU can then decrypt the
`encrypted random numbers, as they are broadcast, and use
`the random numbers, along with the key, to decrypt the
`program. AS noted above, the key in the Lee invention must
`be securely transmitted; otherwise, an unauthorized user
`could get access to the key and gain access to the broadcast
`programs. Lee protects the key by using the unique ID of the
`STU to encrypt it. Such a technique works fine in a broadcast
`environment where there is a single broadcaster to multiple
`users. In that environment, the broadcaster can take adequate
`measures to protect the list of valid customer STU IDs.
`However, in a telephone architecture regulated by the FCC,
`as described above, multiple service providers (i.e.,
`broadcasters) must have access to the multiple users. In Such
`an environment, the list of unique STU IDs is vulnerable to
`discovery by unauthorized parties, and the Security of the
`System may be breached. Additionally the Lee System is
`appropriate for a broadcast environment in which the SPS
`have the only reasonable means to address the STUs.
`Therefore, the System is not Susceptible to compromise by
`unauthorized users addressing the STUs. However, in a
`digital network environment where STUs are uniquely
`addressable, and multiple SPs have access to multiple STUs,
`an unauthorized user could put information on the network
`addressed to individual STUs and thereby compromise the
`System. Applicants have recognized that a conditional access
`System in a digital network environment must have a mecha
`nism that allows the STU to authenticate the identity of the
`SP. Thus, applicants have recognized that an improved
`encryption technique is needed.
`Moreover, while encryption has provided conditional
`access, the problem of where to perform the conditional
`acceSS in an FCC regulated System remains unresolved.
`Applicants have recognized that a Solution that performs the
`conditional access within the L1 portion of the System is
`unnecessarily complicated by FCC regulation.
`
`25
`
`CROSS-REFERENCE TO RELATED
`APPLICATIONS
`This application claims priority of earlier filed U.S. pro
`visional application Ser. No. 60/007,962, filed Dec. 4, 1995,
`entitled “An Apparatus for Providing Conditional Access in
`Connection-Oriented, Interactive Networks With a Multi
`plicity of Service Providers.”
`FIELD OF THE INVENTION
`The present invention relates to a control System for
`providing interactive information Services, Such as Video,
`audio, library, interactive games, and the like over a digital
`network. Particular video applications include “movie on
`demand,” on-line data retrieval, and home Shopping. More
`particularly, the invention relates to a control System for
`providing Secure transmission of these information Services
`between a Service provider and a customer's Set top unit over
`a digital network.
`BACKGROUND OF THE INVENTION
`Recent advances in digital Signal processing techniques
`and, in particular, advancements in digital compression
`techniques, have led to an abundance of proposals for
`providing new digital Services to the customer's home via
`existing telephone and coaxial cable lines. For example,
`proposals have been made to provide hundreds of CATV
`channels to customers by compressing digital Video, trans
`mitting the compressed digital Video over conventional
`coaxial CATV cables, and then decompressing the video at
`the customer's Set top unit. Another proposed application of
`this technology is a “movie on demand Video System in
`which a customer communicates directly with a Video
`service provider via the telephone lines or coaxial CATV
`40
`cables to request a particular video program from a video
`library, and the requested Video program is routed to the
`caller's home via the telephone lines or via the coaxial
`CATV cables for immediate viewing.
`Such an exemplary System typically has three distinct
`segments: (1) a service provider (SP), which provides the
`Video, audio, interactive games and the like (collectively
`referred to hereinafter as “programs”) to the System; (2) a
`customer, who purchases the programs from the Service
`provider; and, (3) a network operator, which provides a
`transmission path or connection between the SP and the
`customer for delivery of the programs. Alayer of complexity
`is added to the operation and design of the System if the
`network operator is defined as a telephone company by the
`Federal Communications Commission (FCC). In such a
`case, the network operator is Subject to regulation under the
`jurisdiction of the FCC. The system will then be further
`categorized into Level 1 Services (L1) and Level 2 Services
`(L2). Level 1 Services provide the information Session
`connection and define the portion of the System responsible
`for Setting up and maintaining interactive communication
`Sessions between customers and SPS. Level 1 Services are
`provided by the network operator and are regulated by the
`FCC. Level 2 services, on the other hand, define the portion
`of the System responsible for providing the programs
`requested to the L1 portion of the system from the SP and
`for terminating the Service at the customer end of the
`
`35
`
`45
`
`50
`
`55
`
`60
`
`65
`
`20
`
`
`
`3
`Applicants have recognized that conditional access
`should be performed while a program is still in control of the
`Level 2 service provider, i.e., before it is delivered to the L1
`portion of the System. Access to the program and Vital
`conditional access information can be closely controlled by
`a Service provider. Unfortunately, the file Server equipment
`currently available to Service providers does not provide the
`necessary functionality to perform conditional access before
`a program is output from the file Server. As a result, there is
`a need for method and apparatus to provide conditional
`access to a program after it exits a file Server, but before it
`enters the L1 portion of the System.
`The problem is complicated further when considered in
`the context of a typical digital network environment. In Such
`an environment it is expected that the SPS will store pro
`grams on file servers in the form of Moving Picture Expert
`Group (MPEG-2) Systems transport packets, as defined in
`MPEG-2 Systems International Standards Reference (ISO/
`IEC JTC1/SC29/WG 11 NO801, November 1994, ISO Ref
`erence No. 13818-1), which is hereby incorporated by
`reference. Importantly, although the MPEG-2 Systems Inter
`national Standards Reference does not standardize on a
`particular method of conditional acceSS, it does contemplate
`the addition of conditional access to the MPEG-2 transport
`packets. Thus, to conform to the MPEG-2 standard, it is
`necessary that conditional acceSS be added to programs at
`the MPEG-2 transport packet layer rather than at a higher
`network protocol layer. However, when a program leaves a
`service provider's file server, it will not be in a convenient
`format for applying conditional access. Rather, the program,
`in the form of MPEG-2 transport packets, will leave the file
`Server enveloped in a first network protocol. Additionally, in
`Some applications, the packets may then need to be
`re-mapped into a second network protocol to conform to the
`network protocol provided by the network operator. Thus, in
`this context there is a need for method and apparatus for
`removing the MPEG-2 transport packets of a particular
`program from a first network protocol, providing conditional
`access to the MPEG-2 transport packets, and then mapping
`the MPEG-2 transport packets back into the first network
`protocol or into a Second network protocol.
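The packet-layer handling this passage calls for, as an added Go example that is not part of the patent: it parses the FIG. 4 layout (4-byte header, optional adaptation field, 184-N bytes of packet data), keeps the packets of one program by PID as the CAM would direct, and sets the header's scrambling-control bits once a payload is to be encrypted. The header bit positions are taken from ISO/IEC 13818-1, which the page cites but does not spell out; the sample packets are constructed, not real MPEG data.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

// Transport packet layout of FIG. 4: a 4-byte header, an optional adaptation field of N bytes,
// then 184-N bytes of packet data. The header bit positions used below come from ISO/IEC
// 13818-1 (cited on the page); the page itself shows only the three regions and their sizes.
const (
	tsPacketLen = 188
	tsHeaderLen = 4
	syncByte    = 0x47
)
// TSPacket is a parsed view over one transport packet.
type TSPacket struct {
	PID               uint16 // program packets are selected by PID, as the CAM directs
	ScramblingControl uint8  // transport_scrambling_control bits: 00 = clear payload
	PayloadOffset     int    // first byte of packet data; tsPacketLen-PayloadOffset is 184-N
	raw               []byte
}
// parseTSPacket checks the sync byte and locates the payload behind any adaptation field.
func parseTSPacket(raw []byte) (TSPacket, error) {
	if len(raw) != tsPacketLen {
		return TSPacket{}, fmt.Errorf("packet is %d bytes, want %d", len(raw), tsPacketLen)
	}
	if raw[0] != syncByte {
		return TSPacket{}, errors.New("missing sync byte 0x47")
	}
	hdr := binary.BigEndian.Uint32(raw[:tsHeaderLen])
	p := TSPacket{
		PID:               uint16(hdr>>8) & 0x1fff,
		ScramblingControl: uint8(hdr>>6) & 0x3,
		PayloadOffset:     tsHeaderLen,
		raw:               raw,
	}
	if hdr&0x20 != 0 { // adaptation_field_control high bit: adaptation field present
		// adaptation_field_length counts the bytes after itself, so N = 1 + length.
		p.PayloadOffset += 1 + int(raw[tsHeaderLen])
		if p.PayloadOffset > tsPacketLen {
			return TSPacket{}, errors.New("adaptation field overruns the packet")
		}
	}
	return p, nil
}
// Payload returns the 184-N bytes of packet data that the conditional access layer encrypts.
func (p TSPacket) Payload() []byte { return p.raw[p.PayloadOffset:] }
// SetScramblingControl writes the two scrambling-control header bits; the header itself stays in the clear.
func (p *TSPacket) SetScramblingControl(sc uint8) {
	p.ScramblingControl = sc & 0x3
	p.raw[3] = p.raw[3]&^0xc0 | p.ScramblingControl<<6
}

// selectProgram splits back-to-back packets and keeps those whose PID is in the requested program's PID set.
func selectProgram(stream []byte, programPIDs map[uint16]bool) ([]TSPacket, error) {
	if len(stream)%tsPacketLen != 0 {
		return nil, errors.New("stream is not a whole number of transport packets")
	}
	var out []TSPacket
	for off := 0; off < len(stream); off += tsPacketLen {
		p, err := parseTSPacket(stream[off : off+tsPacketLen])
		if err != nil {
			return nil, fmt.Errorf("packet at offset %d: %w", off, err)
		}
		if programPIDs[p.PID] {
			out = append(out, p)
		}
	}
	return out, nil
}

// buildPacket constructs a sample packet (not real MPEG data), with a zero-filled adaptation field if asked.
func buildPacket(pid uint16, adaptationLen int, fill byte) []byte {
	raw := make([]byte, tsPacketLen)
	raw[0], raw[1], raw[2], raw[3] = syncByte, byte(pid>>8)&0x1f, byte(pid), 0x10
	body := tsHeaderLen
	if adaptationLen > 0 {
		raw[3] = 0x30 // adaptation field present, payload present
		raw[tsHeaderLen] = byte(adaptationLen)
		body += 1 + adaptationLen
	}
	for i := body; i < tsPacketLen; i++ {
		raw[i] = fill
	}
	return raw
}

func main() {
	stream := append(buildPacket(0x101, 0, 0xaa), buildPacket(0x200, 0, 0xbb)...) // 0x200 belongs to another program
	stream = append(stream, buildPacket(0x102, 7, 0xcc)...)
	pkts, err := selectProgram(stream, map[uint16]bool{0x101: true, 0x102: true})
	if err != nil {
		panic(err)
	}
	for i := range pkts {
		pkts[i].SetScramblingControl(0x2) // payload is now to be encrypted under the current control word
		fmt.Printf("PID 0x%x: %d payload bytes, scrambling=%d\n", pkts[i].PID, len(pkts[i].Payload()), pkts[i].ScramblingControl)
	}
}
```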
SUMMARY OF THE INVENTION
The present invention meets the needs discussed above by providing method and apparatus between the SPs and the Level 1 services provider that accepts programs destined for an STU in the form of MPEG-2 transport packets enveloped in one of a plurality of network protocols. According to the present invention, the packets are removed from a first network protocol. Conditional access layers are applied to the packets. After applying the conditional access layers, the packets are encapsulated and output in a second network protocol destined for the STU.

According to an aspect of the present invention a method of providing conditional access to a selected program is provided. Packets representing a program requested by a customer having an STU are selected. Those program bearing packets are encrypted according to a first encryption algorithm using a first key. The first key used to encrypt the program is, in turn, encrypted according to a second encryption algorithm using a second key. The first keys are transported in packets to the customer's STU along with the program packets. The second key is, in turn, encrypted using a public-key cryptographic technique such that the public key used in the encryption corresponds to the private key of the customer's STU. The encrypted second key is then transported via packets to the STU along with the program and first key packets.
`
`15
`
`25
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`5,870,474
`
`4
According to another aspect of the present invention, the apparatus provides means for receiving program bearing packets in a first network protocol from a first data link and removing the packets from the first network protocol. The apparatus selects all packets comprising a particular program requested by a customer. Conditional access is then applied to the requested program at the packet layer in accordance with the method described above. The apparatus then encapsulates all packets in a second network protocol and outputs them over a second data link for delivery to the customer's STU.

According to a further aspect of the present invention, a method and apparatus are provided for generating a message authentication code comprised of a hash of the first key and the second key, such that the STU can determine if the packets bearing the first key have been tampered with during transmission. An additional method and apparatus are provided for applying a digital signature to the encrypted second key, such that the authorized customer can determine the identity of the provider of the encrypted second key, thereby preventing unauthorized users from addressing STUs.
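The key hierarchy of the aspects above (program under a first key, first key under a second key with a hash as the message authentication code, second key under the STU's public key with the provider's signature), as an added Go example that is not the patent's code: triple DES and RSA follow the examples named in FIGS. 3A and 3B, SHA-256 stands in for MD5, CBC mode with an explicit IV is an assumption, and the signature covers the encrypted second key as the summary describes. The key and payload values are constructed.

```go
package main

import (
	"bytes"
	"crypto"
	"crypto/cipher"
	"crypto/des"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Key hierarchy of the patent: a control word (CW, first key) encrypts packet payloads; the
// multi-session key (MSK, second key) encrypts the CW, carried in an ECM with the MAC of FIG. 3A;
// the STU's RSA public key encrypts the MSK, carried in an EMM the SP signs. Names are the
// patent's; the code, the CBC mode, the IV handling and the SHA-256 substitution are mine.
// tdesCBC runs triple DES in CBC mode over data that is a whole number of 8-byte blocks.
func tdesCBC(key, iv, data []byte, encrypt bool) ([]byte, error) {
	blk, err := des.NewTripleDESCipher(key) // key is 24 bytes
	if err != nil {
		return nil, err
	}
	if len(data)%des.BlockSize != 0 {
		return nil, errors.New("data is not a whole number of DES blocks")
	}
	out := make([]byte, len(data))
	if encrypt {
		cipher.NewCBCEncrypter(blk, iv).CryptBlocks(out, data)
	} else {
		cipher.NewCBCDecrypter(blk, iv).CryptBlocks(out, data)
	}
	return out, nil
}

// ECM carries the CW encrypted under the MSK plus a MAC over clear CW and MSK (FIG. 3A).
type ECM struct{ IV, EncCW, MAC []byte }
// cwMAC is the one-way hash of FIG. 3A over CW and MSK; the figure suggests MD5, SHA-256 is used.
func cwMAC(cw, msk []byte) []byte {
	h := sha256.Sum256(append(append([]byte{}, cw...), msk...))
	return h[:]
}

func makeECM(cw, msk []byte) (ECM, error) {
	iv := make([]byte, des.BlockSize)
	if _, err := rand.Read(iv); err != nil {
		return ECM{}, err
	}
	enc, err := tdesCBC(msk, iv, cw, true)
	return ECM{IV: iv, EncCW: enc, MAC: cwMAC(cw, msk)}, err
}

// openECM recovers the CW; an ECM altered in transit fails the MAC check and is discarded.
func openECM(e ECM, msk []byte) ([]byte, error) {
	cw, err := tdesCBC(msk, e.IV, e.EncCW, false)
	if err != nil {
		return nil, err
	}
	if !bytes.Equal(cwMAC(cw, msk), e.MAC) {
		return nil, errors.New("control word message failed authentication")
	}
	return cw, nil
}

// EMM carries the MSK enc rypted to the STU's public key and the SP's signature over that ciphertext.
type EMM struct{ EncMSK, Sig []byte }
func makeEMM(msk []byte, sp *rsa.PrivateKey, stuPub *rsa.PublicKey) (EMM, error) {
	enc, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, stuPub, msk, nil)
	if err != nil {
		return EMM{}, err
	}
	digest := sha256.Sum256(enc)
	sig, err := rsa.SignPKCS1v15(nil, sp, crypto.SHA256, digest[:])
	return EMM{EncMSK: enc, Sig: sig}, err
}

// openEMM verifies the SP's signature before decrypting, so an EMM that anyone other than
// the SP addressed to this STU is rejected without being acted on.
func openEMM(e EMM, stu *rsa.PrivateKey, spPub *rsa.PublicKey) ([]byte, error) {
	digest := sha256.Sum256(e.EncMSK)
	if err := rsa.VerifyPKCS1v15(spPub, crypto.SHA256, digest[:], e.Sig); err != nil {
		return nil, fmt.Errorf("EMM not signed by the expected service provider: %w", err)
	}
	return rsa.DecryptOAEP(sha256.New(), nil, stu, e.EncMSK, nil)
}

// newKeyPair makes an RSA key pair for one party (SP or STU) of this example.
func newKeyPair() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

func main() {
	sp, _ := newKeyPair()  // service provider's signing key pair
	stu, _ := newKeyPair() // set top unit's key pair
	msk, cw := []byte("constructed-msk-24-bytes"), []byte("constructed-cw-24-bytes!") // fixed sample keys, not random
	emm, _ := makeEMM(msk, sp, &stu.PublicKey) // SP side: MSK to this STU, signed
	ecm, _ := makeECM(cw, msk)                 // SP side: CW under the MSK, with MAC
	gotMSK, err1 := openEMM(emm, stu, &sp.PublicKey) // STU side
	gotCW, err2 := openECM(ecm, gotMSK)
	fmt.Println("STU recovered the control word:", err1 == nil && err2 == nil && bytes.Equal(gotCW, cw))
}
```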
`
BRIEF DESCRIPTION OF THE DRAWINGS
The foregoing summary, as well as the following detailed description of the preferred embodiment, is better understood when read in conjunction with the appended drawings. For the purpose of illustrating the invention, there is shown in the drawings an embodiment that is presently preferred, it being understood, however, that the invention is not limited to the specific methods and instrumentalities disclosed. In the drawings:
FIG. 1 illustrates an exemplary digital video distribution system in which the present invention may be employed.
FIG. 2 is a block diagram providing further details of a server access and broadband encrypter re-mapper in accordance with a presently preferred embodiment of the invention.
FIG. 2A is a block diagram illustrating further details of a presently preferred embodiment of an FDDI input card.
FIG. 2B is a block diagram illustrating further details of a presently preferred embodiment of a SONET-ATM output card.
FIG. 2C is a block diagram illustrating further details of a presently preferred embodiment of a conditional access card.
FIG. 2D is a block diagram illustrating the operation of the control card.
FIG. 3 is a functional block diagram illustrating the conditional access scheme provided in accordance with the present invention.
FIG. 3A is a functional block diagram illustrating the process of message authentication of control words in accordance with the present invention.
FIG. 3B is a functional block diagram illustrating the process of adding a digital signature to an MSK in accordance with the present invention.
FIG. 4 graphically illustrates the structure and content of an exemplary MPEG-2 transport packet.
FIG. 5 graphically illustrates the mapping of MPEG-2 transport packets into ATM cells in accordance with the present invention.
FIG. 6 graphically illustrates the mapping of MPEG-2 transport packets into an FDDI frame in accordance with the present invention.
`
`21
`
`
`
`5,870,474
`
`15
`
`25
`
`S
FIG. 7 graphically illustrates the mapping of MPEG-2 transport packets into a DS-3 frame in accordance with the present invention.
FIG. 8 graphically illustrates the mapping of MPEG-2 transport packets into a UNISON frame in accordance with the present invention.
FIG. 9 graphically illustrates the transport overhead structure utilized in the UNISON-1 STS-3c frame structure.
FIG. 10 graphically illustrates the Synchronous Payload Envelope (SPE) structure used for transmitting MPEG-2 transport packets in accordance with the UNISON-1 STS-3c frame structure.
FIG. 11 illustrates a functional block diagram of an exemplary set top unit implementing the conditional access method of the present invention.
FIG. 12 is a functional block diagram illustrating the context and operation of the Conditional Access Manager.

DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS
Referring to the drawings wherein like numerals indicate like elements throughout, there is shown in FIG. 1 a block diagram of the components of an exemplary digital information distribution system 10 ("distribution system") in which the present invention may be incorporated. A similar system is described in U.S. Pat. No. 5,481,542, which is assigned to the same assignee as the present invention and is hereby incorporated by reference in its entirety. The distribution system 10 provides a mechanism whereby data, such as compressed digital video data from a service provider (SP) 110, is transmitted over a broadband transmission network under the control of a network operator 120 to a customer 130 for presentation to the customer's STU 90. As used herein, the term set top unit refers to any customer device capable of receiving and decoding digital services, such as personal computers, home control terminals, decoders and the like. In the case of a video service, for example, the received information could be displayed on the customer's television or computer screen. A bi-directional communication path is also established and maintained between the SP 110 and the customer 130 by the network operator 120, which allows the customer 130 to interact with the service provider. For example, the customer 130 may wish to select programs from a menu, control the playback of a program, or interact with a video game.

Various aspects of the distribution system 10 incorporating the present invention are described below. First, an overview of the components of the distribution system 10 is described. Following the overview, detailed information concerning the various components of the distribution system 10 that incorporate the present invention is provided.

I. System Overview
When a customer 130 requests a program, the request is routed from the customer's STU 90 through a network access node 80 to the network control and management computer (NCMC) 100. The NCMC 100 then provides a communication connection between a particular service provider 110a, 110b and the customer 130. To establish the connection, the NCMC 100 ensures that bandwidth is available on the digital network 70 and the network access node (NAN) 80. Thereafter, the NCMC 100 passes the customer request to the requested SP 110 via server gateway 61. The server gateway 61 handles communications with various billing agencies to determine the customer's eligibility to receive the requested program and to determine the conditional access requirements for the requested program. An SP
`
`6
`stores programs on a file server 60 in the form of Moving
`Picture Experts Group (MPEG-2) Systems transport
`packets, containing compressed digital Video and audio data
`as well as other digital Service information. The requested
`MPEG-2 transport packets are then output over data link 40
`encapsulated in a network protocol. Ultimately, the packets
`are to be transmitted through the digital network 70 to a
`NAN 80 and then to the customer’s STU 90. The Service
`providers 110 want to ensure that programs entering the
`digital network 70 are viewed only by the customers who
`have been authorized by the server gateway 61. Thus there
`is a need to provide conditional access to programs before
`those programs enter the digital network 70. According to
`one aspect of the present invention, apparatus 20 and 30,
`referred to herein as Service Access and Broad Band
`Encrypter Re-mapper (SABER) 20 and Conditional Access
`Manager 30, are provided between the SP 110 and the digital
`network 70 to provide a means for adding conditional access
`to the program to be transmitted. In particular the SABER 20
`receives the MPEG-2 transport packets from the SP 110, via
`data link 140, encapsulated in the network protocol of that
`link. According to the present invention the SABER 20
`extracts the MPEG-2 transport packets, adds conditional
`access, and then re-encapsulates the packets in a Second
`protocol (which may be the same or different from the first
`protocol) for introduction into digital network 70. The CAM
`30 provides the SABER with information necessary to
`selectively apply the conditional access to the MPEG-2
`transport packets. The CAM 30 receives the conditional
`acceSS requirements and unique PID assignments for the
`requested program from the SP via the Server gateway 61.
`The second network protocol, that of data link 50, may be
`the same as or different from the first network protocol of
`data link 40. For example, data link 40 may conform to an
`FDDI network protocol, while data link 50 may conform to
`an ATM network protocol, or both data links 40, 50 may
`conform to an ATM network protocol. Among the protocols
`presently anticipated by the SABER 20 are SONET-ATM,
`FDDI, DS-3 and UNISON-1, all of which can be used to
`transfer Moving Picture Experts Group (MPEG-2) Systems
`transport packets through data link 40 or data link 50.
`However, the network protocols listed and described herein
`are merely illustrative, and should not be construed as
`limiting the invention to those protocols listed, other
`protocols, for example, a proprietary protocol, could func
`tion equally well.
`Significantly, if the digital network 70 were inherently
`Secure (for example, a completely fiber network) the
`SABER 20 could be located elsewhere in the system 10. In
`such a secure network, the SABER 20 might be located at
`the opposite end of the digital network 70, between the
`digital network 70 and the NANs 80.
`Network control and management computer (NCMC) 100
`manages sessions between the STUS 90 and the SPS 110.
`Among its duties, the NCMC 100 is responsible for provi
`Sioning the NAN 80, provisioning the STUS 90, providing
`routing information to the digital network 70 when
`appropriate, and for providing information Session manage
`ment between the STUs 90 and the SPs 110. In providing the
`session management, either the STUS 90 or the SPS 110 may
`Send requests for information Service connections to the
`NCMC 100. After receiving a request, the NCMC 100
`determines if there are resources available on the network 70
`for transporting the requested Services and, if So, establishes
`the requested service connection from the SP 110 to the STU
`90. The NCMC 100 then sends the Service information to
`both the STU 90 and the SP 110 to allow them to connect to
`
`35
`
`45
`
`50
`
`55
`
`60
`
`65
`
`22
`
`
`
`7
`the network and to begin the requested interactive informa
`tion service. The NCMC 100 may establish sessions in the
`manner described in U.S. Pat. No. 5,481,542, which is
`incorporated herein by reference in its entirety.
`II. Service Provider Complex
`The SPS 110 control the system that provides programs to
`the customer. To provide these programs, the SP employs
`one or more file Servers 60, a Server gateway 61, and in
`accordance with the present invention, a conditional acceSS
`manager (CAM)30 and a SABER 20. The file servers store
`programs in MPEG-2 transport packet format for delivery to
`customers. That is, when a customer requests a program
`from the file server 60, the