Abstract: A method of encrypting a digital television signal involves examining unencrypted packets of data in the digital television signal to identify a selected packet type; duplicating packets identified as being of a selected packet type to produce pairs of duplicated packets; encrypting one of each pair of the duplicated packets; inserting the encrypted packets along with the unencrypted packets of the selected packet type to the digital television signal along with the unencrypted packets of data that are not of the selected packet type into produce a selectively encrypted digital television signal that contains duplicate packets of the selected packet type with one of the duplicate packets being encrypted while the other of the duplicated packets remains unencrypted; and broadcasting the selectively encrypted television signal. This abstract is not to be considered limiting, since other embodiments may deviate from the features described in this abstract.

Abstract: This invention relates to a method for broadcasting digital data to a targeted set of reception terminals in which said data are previously scrambled by a series of control words transmitted in a conditional access control message. This method comprises the following steps: on transmission, particularise said access control message using a reversible function F for which the inverse function F?1 is executable only in terminals in the targeted set, and on reception, redetermine the original access control message in each terminal in the targeted set using said inverse function.

Abstract: The present invention is directed to an apparatus, system and method for reporting a player's game plays during a game with input from fans on the player's performance, and more specifically allowing each player to dynamically transmit information regarding the player's game plays to a portable remote terminal or central processor from which real-time statistical information may be obtained and wherein the player, coach(es) and/or other teammates may review the statistical information to formulate and implement appropriate game strategies to be effected on the field or court.

Abstract: A semiconductor integrated circuit is provided, which includes: a first circuit; a second circuit; a data BUS; and first and second encryption/decryption circuits for encrypting/decrypting data transmitted between the first and second circuits on the data bus. The first encryption/decryption circuit is for encrypting data output from the first circuit, outputting the encrypted data to the data BUS, decrypting an encrypted data received from the second encryption/decryption circuit, and providing the decrypted data to the first circuit. The second encryption/decryption circuit is for decrypting the encrypted data received from the first encryption/decryption circuit, providing the decrypted data to the second circuit, encrypting data output from the second circuit, and outputting the encrypted data to the data BUS.

Abstract: A decryption process chip has a memory in which a first decryption control unit for decrypting a scramble key by using an ECM and an EMM is downloaded from outside and stored. A stream input unit extracts a packet including the ECM based on first information obtained from the first decryption control unit, and the first decryption control unit extracts the ECM from the packet. An STB control unit extracts only data including the EMM based on second information set up from the first decryption control unit, and the first decryption control unit extracts the EMM from the data. The stream input unit indirectly obtains a scramble key decrypted by the first decryption control unit so as to extract the scramble key and transmit it to a descrambler.

Abstract: A method and apparatus for brokering the enablement of the communication of encrypted media programs from a plurality of independent broadcasters to a plurality of receivers is disclosed. The system makes use of a pairing key for each provided service, which is differently encrypted by a pairing server and by the broadcaster providing the service. The encrypted versions of the pairing key are decrypted in a first receiver module using information known to the pairing service but not the broadcaster and in a second receiver module using information known to the broadcaster. The pairing key is used to cryptographically bind the first and second receiver modules.

Abstract: An encryption device, comprising: detection portion for detecting a TS header, a PES header, a sequence header, a GOP header, and a sequence end code for a transport stream not encrypted; and encryption portion for encrypting the transport stream except the TS header, the PES header, the sequence header, the GOP header, and the sequence end code. An editing device, comprising: detection portion for detecting a TS header, a PES header, a sequence header, a GOP header, and a sequence end code in a transport stream; and editing portion for editing the encrypted transport stream without decryption in units of TS packets ranging from a TS packet where the GOP header is detected to a TS packet previous to a TS packet where a subsequent GOP header is detected out of TS packets having an identical PID.

Abstract: Systems and methods that provide personal video recording trick modes are provided. In one example, a method that provides a trick mode in a personal video recording system may include the steps of receiving a transport stream; storing data from the transport stream in a data storage; generating index table using the data from the transport stream; receiving a trick mode command; and accessing, based on the trick mode command, particular data in the data storage using the index table.

Abstract: A process for the distribution of digital audiovisual sequences. An analysis is made prior to transmission to a dynamic group of receivers to generate a first modified main stream and complementary information. A synthesis of a stream in the original format is calculated on the receiver as a function of the modified main stream and the complementary information. Generation of the complementary information is constituted of the following steps: extraction of at least one original piece of data of the original stream, storage of the original data in the complementary information, formatting the complementary information in segments with each segment corresponding to at least one entire audiovisual element of the modified main stream, and encapsulation of at least one segment with at least one piece of access information in at least one data block to generate at least one access ticket for the corresponding audiovisual elements.

Abstract: There is provided a method for encrypting a data stream using multiple algorithms. In one embodiment, a first portion of the data stream is encrypted with a first algorithm utilizing a first key to generate a first encrypted portion. The first algorithm can be, for example, a Triple Data Encryption Algorithm (TDEA). Data indicating the first algorithm and the first key is then transmitted. Then, the first encrypted portion of the data stream is transmitted. Thereafter, a second portion of the data stream is encrypted with a second algorithm utilizing a second key to generate a second encrypted portion. The second algorithm can be, for example, a Single Data Encryption Algorithm (SDEA). Next, data indicating the second algorithm and the second key is transmitted. Thereafter, the first encrypted portion of the data stream is transmitted.

Abstract: A rolling code transmitter is useful in a security system for providing secure encrypted RF transmission comprising an interleaved trinary bit fixed code and rolling code. A receiver demodulates the encrypted RF transmission and recovers the fixed code and rolling code. Upon comparison of the fixed and rolling codes with stored codes and determining that the signal has emanated from an authorized transmitter, a signal is generated to actuate an electric motor to open or close a movable barrier.

Abstract: An IC card includes a tamper resistant module which has one or more applications and a card control unit for controlling an operation of the IC card, a secure memory area which is accessible from only the tamper resistant module, and a contactless interface which serves to communicate with a service terminal. The card control unit generates storage instruction information, and the contactless interface transmits the storage instruction information to the service terminal. The storage instruction information contains an address of the secure memory area as a write area of data, an address of a normal memory area that indicates a save area for temporarily saving the data, an identifier of the application which executes a data movement from the normal memory area to the secure memory area, and an address of a relay terminal which relays the data.

Abstract: A method and system for obfuscating segment boundary markers, such as but not limited to obfuscating boundary markers used to identify beginning and/or ending boundaries of a sequence of segments forming a programming event. The obfuscation may be achieved by embedding decoy and offset boundary markers within the sequence of segments.

Abstract: Control of the encryption of data for storage with respect to removable data storage cartridges having a recording media and having cartridge memory with at least a portion lockable to read-only, employs the steps of inspecting the read-only portion of the cartridge memory of the removable data storage cartridge for an “Encrypt-Only” flag. If the “Encrypt-Only” flag is present, writes to the recording media of the removable data storage cartridge are limited to data in an encrypted format, if any; and, else, writes to the recording media of the removable data storage cartridge are allowed for data in any of encrypted and unencrypted formats.

Abstract: A computer system which is configured to load executable programs. This configuration first accepts an operator defined key; withdraws an encrypted executable program from memory; and, using the operator defined key, decrypts the encrypted executable program into a functional executable program. It is this functional executable program which is used by the processing unit. During shutdown, each executable program is checked to see if it was derived from an encrypted executable program; those that aren't, are verified as being legitimate by the operator prior to their storage into the memory.

Abstract: The control unit includes a CPU which generates an access signal for performing writing or reading on the external memory, encryption/decryption means which, when the access signal is used for writing, encrypts an address designated by the CPU to generate a write address and encrypts write data contained in the access signal to generate write encrypted data, and which, when the access signal is used for reading, encrypts an address designated by the CPU to generate a read address and decrypts the encrypted data read from the external memory to generate plaintext data, and external control means which writes the write encrypted data in a position designated by the write address generated by the encryption/decryption means and which reads the encrypted data from a position designated by the read address generated by the encryption/decryption means and supplies the same to the encryption/decryption means for its decryption.

Abstract: The invention provides for rekeying a large cluster of storage security appliances which allows more than two of the storage security appliances to proxy a single storage medium while encrypting the storage medium in a manner that is transparent to any attached server. The invention provides a method for synchronizing encryption of the disk among a large cluster of storage security appliances, while allowing all of the storage security appliances involved to access the storage device being rekeyed in a secure fashion.

Abstract: If playback devices are prohibited from playing back contents recorded in R media, there occurs a problem that it takes more time to manufacture commercial ROM media. Conversely, if playback devices are permitted to play back contents recorded in R media, there occurs a problem that copyrights might be infringed. In view of these, the aim of the present invention is to provide a content protection data processing system and a playback device capable of determine whether to permit playback of a content recorded in a recording medium, based on a medium type of the recording medium and a signature type of a signature attached to a program. This enables both the protection of the copyright of the content and the efficient manufacturing of commercial ROM media.

Abstract: Encrypted auxiliary information data DYAE/DCAE including no inhibited codes is generated based on auxiliary information data DYA/DCA including no inhibited codes, in an auxiliary data packet having an auxiliary data flag ADF formed of a first combination of a plurality of inhibited codes, the auxiliary data flag ADF is replaced with an auxiliary data flag EADF formed of a second combination of the inhibited codes, the second combination being different from the first combination, to form an encrypted auxiliary data packet having the auxiliary data flag EADF and including the encrypted auxiliary information data DYAE/DCAE, and the encrypted auxiliary data packet is transmitted.

Abstract: A method of providing a stream of data units with scrambling state identifying data and providing a stream of key messages, synchronized with the stream of data units. The scrambling state identifying data includes an identifier value associated with the first decryption key that associates the data units in a third section. Then separating the first and second sections, with scrambling state identifying data lacking an identifier value associated with the decryption key, and providing in a key message coinciding with first or third sections key information. Thereby enabling an authorized decoder to obtain a value of the first decryption key corresponding with the second value of the first encryption key. Encryption of at least part of the clear data units uses the first encryption key is suspended for each data unit in the sequence included in the third section.

Abstract: According to a first aspect there is provided systems and methods for receiving an encrypted signal from a portable communication device, the encrypted signal containing information associated with a command; and decrypting the encrypted signal to enable a set-top box to execute the command. According to a second aspect there is provided systems and methods for encrypting information to generate an encrypted signal, the information associated with a command entered via a control; and communicating the encrypted signal to the set-top box, the encrypted signal for decryption at the set-top box to enable execution of the command to operate the set-top box.

Abstract: A tuning device uses a counter mode encryption cipher to encrypt counters associated with media content in order to protect the media content when it is sent to requesting device or controller. The encrypted counters are decrypted in order to consume the media content. The controller may send particular direction to the tuning device as to how the media content, encrypted counters, and other associated data are sent to the controller.

Abstract: A program conversion device generates a program by obfuscating an original program, and generates and encrypts conversion parameters for inverse conversion of the obfuscated program. The program conversion device distributes the obfuscated program together with the encrypted conversion parameters. To execute the obfuscated program, a device having a high security level decrypts the encrypted parameters by using a decryption key stored in advance, applies inverse conversion to the obfuscated program by using the decrypted conversion parameters, and executes the program resulting from the inverse conversion. A device having a low security level executes the obfuscated program without any inverse conversion.

Abstract: Rather than downloading each content document on demand from the publisher location to the user site, at the publisher location, each content document is encrypted and then multiple encrypted documents are assembled into a distribution archive that is itself encrypted with a scheduled key. The distribution archive is then downloaded into a content server at the user site. When the content server receives the distribution archive, it decrypts the archive file and unpacks the encrypted documents. The scheduled key used to decrypt an archive file is included with an archive file that was sent previously to the user site in accordance with the subscription service. The scheduled key to decrypt the first archive file sent to the user is sent from the publisher to the user over a communication channel different from the communication channel used to send the archive file from the publisher to the user.

Abstract: A system and method for the retrieval and transfer of encrypted content from a failed set-top box by a content transcription device. When content is recorded to the storage device of a set-top box, the content is encrypted with a content instance key. This content instance key is encrypted with the public key of the set-top box and a duplicate of the content instance key is encrypted by another public key other than the public key of the set-top. In the event the set-top fails, the encrypted content on the storage device may be retrieved from the storage device by decrypting the duplicate content instance key with the private key that corresponds with the public key that encrypted the duplicate of the content instance key.

Abstract: The present invention is directed to an apparatus for improving communications between players and coaches during a sporting event, more specifically allowing players to dynamically receive real-time communications from their coaches concerning intended game plays to be effected on the field or court. Said game apparatus comprises of a transparent, protective top cover having the same contour as a middle portion, wherein said middle portion is provided with a display element, and wherein said top cover, middle portion and the display element are all enclosed by a rear cover forming a housing for a receiving means for receiving an encrypted signal of an intended game play from a portable remote terminal, and wherein said top cover, middle portion, display element and housing are positioned on an upper portion of an elasticized band, which has an extended flap, wherein said extended flap includes a closing means used to secure the game apparatus and to conceal the display element from public view.

Abstract: Enhanced multimedia content on physical media interacts with the user through a media player and the Internet. Enhanced multimedia utilizes IDs for pieces of content on the media and a media key block. On the enhanced media is a file with a list of URLs. As the enhanced media plays a title requiring an external permission for decryption, the media player accesses the URL for that title and obtains the permission. The permission may be purchased or provided for free. Secure encryption and transmission of permission is accomplished by broadcast encryption using a media key block. Each media has a unique set of keys that allow the media player to process the media key block; however, each media follows a unique path through the media key block. All legitimate media players obtain the media key; circumvention devices cannot decipher the media key block.

Abstract: A method and system for storing a file on a portable device includes a central location 100 generating a seed in response to a unique portable device identifier, a storage device 32 having an interface wherein the storage device 32 stores the seed therein. A portable media player 36 is in communication with the storage device 32 through the interface. The storage device 32 transfers files to the portable media player 36 through the interface in response to the seed.

Abstract: A method of verification of rights is disclosed, contained in a security module associated to an apparatus processing broadcasted digital data. The apparatus is connected to a management center transmitting encrypted rights messages for accessing the digital data. The method includes reception and reading by the security module of all or part of a rights message including at least one right and means for verifying the right, decryption and verification of the rights message and updating of a rights memory, and storage of all or part of the rights message in a messages memory. During a further verification step, the method includes identification of at least one right present in the rights memory, search of the corresponding stored rights message and verification of the rights message, comparison of the right contained in the rights message with the corresponding right stored in the rights memory, and determination of a default state when the result of the comparison indicates a difference.

Abstract: According to one embodiment, an information processing apparatus includes a receiving device including a tuner unit which receives broadcast program data, a first nonvolatile memory which stores an encryption key, and an encryption unit which encrypts the broadcast program data, which is received by the tuner unit, based on the encryption key, and a second nonvolatile memory which is provided on a system board, which is electrically connected to the receiving device, and stores key recovery data for recovering the encryption key which is stored in the first nonvolatile memory.

Abstract: Access to one or more data streams can be controlled by encrypting a description of how segments of the data streams can be assembled, for example, to produce an audio or video program. Access to the one or more data streams can also be provided by obfuscating names of at least some of the segments in order to make it more difficult to determine the proper order for assembling the segments. In at least some embodiments, the data contained in at least some of the segments themselves is not encrypted.

Abstract: A method for managing access to scrambled broadcast or transmitted events received from a variety of service providers (including broadcast television networks, cable television networks, digital satellite systems). Each service provider employs the same public key for descrambling the access information message thereby permitting a user to access events from various service providers without changing the smart card. The method may also be expanded to manage access to a scrambled package of broadcast events.

Abstract: A method for determining whether the terminal is authorized to receive the selected service is practiced in a terminal of a conditional access system in which a user selects a service, the selected service being associated with a frequency, the terminal having a tuner and a secure element with at least one authorized entitlement unit number stored therein. The method includes receiving at least one encrypted entitlement control message corresponding to the service, and decrypting each of the at least one encrypted entitlement control message in the secure element, each decrypted entitlement control message revealing at least one first entitlement number associated with the selected service. The method further includes determining that the terminal is authorized to receive the selected service when any first entitlement number of any decrypted entitlement control message represents any number of the at least one authorized entitlement unit number.

Abstract: A method, system and apparatus of a secure debug interface and memory of a media security circuit and method are disclosed. In one embodiment, a host processor, an external hardware circuit to encrypt an incoming data bit communicated to a debug interface using a debug master key stored at a pointer location of a memory (e.g., the memory may be any one of a flash memory and/or an Electrically Erasable Programmable Read-Only Memory (EEPROM)) and to decrypt an outgoing data bit from the debug interface using the debug master key, and a media security circuit having the debug interface to provide the pointer location of the memory having the debug master key to the external hardware circuit.

Abstract: In a method of descrambling a scrambled content data object, at least a section of the scrambled content data object is descrambled by applying at least one decryption operation under a key at least partly derivable from a content descrambling key. At least one content descrambling key is obtained from a message received from a conditional access sub-system over a data communication channel. At least one cryptogram of data obtainable from at least one content descrambling key in the message, each of which cryptograms are carried in the message, is decrypted under an associated channel key. A first key is used to establish each channel key. At least the section of the scrambled content data object is descrambled by applying a further decryption operation under a key at least partly derivable from the first key.

Abstract: A method and system is provided for encrypting an image compressed with a JPEG2000-based compression with minimal overhead so that the encrypted codestream is compliant with the syntax of the JPEG2000-based compression and can be scaled without decrypting. The encryption system generates, for each independent encryption segment of a codestream for an image, a unique initialization vector from a global initialization vector in such a way that the initialization vectors can be generated during decryption from the global initialization vector, even after truncation. The encryption system encrypts each independent encryption segment using its unique initialization vector. The encryption system ensures that the encrypted codestream is compliant with the syntax of the JPEG2000-based compression both as originally generated and as truncated by an encryption-unaware device.

Abstract: Technologies to transfer responsibility and control over security from player makers to content authors by enabling integration of security logic and content. An exemplary optical disk (200) carries an encrypted digital video title combined with data processing operations that implement the title's security policies and decryption processes. Player devices include a processing environment (e.g., a real-time virtual machine), which plays content by interpreting its processing operations. Players also provide procedure calls to enable content code to load data from media, perform network communications, determine playback environment configurations (225), access secure non-volatile storage, submit data to CODECs for output (250), and/or perform cryptographic operations. Content can insert forensic watermarks in decoded output for tracing pirate copies.

Abstract: The invention provides a receiver, a smartcard and a conditional access system for securely obtaining a control word using an entitlement transform tree, wherein intermediate results are cached to improve computational efficiency.

Abstract: A mobile communication terminal for efficient digital broadcasting conditional access and a method of the mobile communication terminal.

Abstract: The conditional access system in a single frequency network in a digital broadcasting system includes a main broadcasting system transmitting encoded broadcasting signals including a data stream and transmitter identification information (TII) through a main broadcasting network; a repeating system amplifying and transmitting encoded broadcasting signals of the main broadcasting network, or modulating and amplifying a stream input by the main broadcasting system through a cable, and repeating broadcasting signals of the main broadcasting system through a repeating network; a subscriber station decoding the encoded signals of the main broadcasting network included in the broadcasting signals received through the main broadcasting network or the repeating network, TII, and an encoding key according to a decoding method; and a decoding key provider receiving a decoding key from the main broadcasting or repeating system, authenticating a user, and transmitting the decoding key to a charged subscriber station thro

Abstract: An article of manufacture includes a machine-readable medium that stores a multimedia content file in a first format and multiple program sets. Each program set is a version of software that, when executed by a respective electronic system, produces the multimedia content file in a second format for use in the respective electronic system. A first program set is compatible with a first operating system executed by a first electronic system and a second program set is compatible with a second operating system executed by a second electronic system. The second operating system is distinct from the first operating system.

Abstract: This method for protecting an information signal using a control word, the information signal and control word being sent by a transmitter to one or several receivers (7), the transmitter carrying out a step for encrypting the information signal using the control word (CW) and a step for encrypting the control word (CW) in an access control module before sending them to the receiver(s) (7) and the or each receiver (7) carrying out a step for unscrambling the control word and a step for unscrambling the information signals using the control word, is characterized in that the transmitter carries out an additional encryption step for encrypting the control word (CW) using an additional access control module, and in that the receiver (7) carries out an additional unscrambling step for unscrambling the control word using an additional security module (16).

Abstract: A method and apparatus for providing conditional access to media programs is described. An exemplary method comprising the steps of transmitting media information encrypted according to a control word (CW) to a receiver station, transmitting entitlement management information (EMI) to the receiver station, the EMI comprising a service bitmap, and transmitting entitlement control information (ECI) to the receiver station, the entitlement control information including the control word (CW) encrypted according to a key (K) and an index to an element of the service bitmap, wherein the control word (CW) is decrypted by the receiver stations according to a value of the indexed element of the service bitmap.

Abstract: A method for management of access means to conditional access data may include: initiating, from a security module of a multimedia unit, a verification of the next renewal date of the access means, which are associated to time information and are controlled by a management centre; determining, in the security module, the next renewal date of the access means; if the next renewal date of the access means is closer than a preset duration, then sending a request from the security module to the multimedia unit that requests the renewal of the access means; sending the request for renewal of the access means from the multimedia unit to the management centre; verifying by the management centre, if the multimedia unit is authorized to renew the access means; and in the case of a positive response, sending of an access means renewal message to the multimedia unit.

Abstract: A system and a method for secure distribution of digital media content through a packet-based network such as the Internet. The security of the present invention does not require one-to-one key exchange, but rather enables keys, and/or information required in order to build the key, to be broadcast through the packet-based network. The digital media content is then also preferably broadcast, but cannot be accessed without the proper key. However, preferably only authorized end-user devices are able to access the digital media content, by receiving and/or being able to access the proper key. Thus, the present invention is useful for other types of networks in which digital media content is more easily broadcast rather than unicast, in addition to packet-based networks.

Abstract: The invention concerns a method for controlling access to encrypted data (CT) by control words (CW), said control words being received by a security module in control messages (ECM) and returned to a unit operating on the encrypted data. Said control messages (ECM) contain at least one first control word (CW1) and a second control word (CW2), said control words each allowing access to the encrypted data (CT) during a predetermined period called cryptoperiod (CP). Said method includes the following steps: sending said encrypted data to at least one operating unit; and sending control messages (ECM) to said control unit, such a control message (ECM) containing at least two specific control words (CW1, CW2) being sent to the operating unit after sending the data encrypted by said first control word (CW1) and before sending the data encrypted by said second control word (CW2).

Abstract: A data transmitting apparatus has improved security against eavesdropping for secret communication using Y-00 protocol. The multi-level code generation section generates, based on key information, a multi-level code sequence in which a signal level changes so as to be approximately random numbers. The multi-level processing section generates a multi-level signal having a level which corresponds to a combination between information data and the multi-level code sequence. The error signal generation section generates an error signal which changes randomly. The accumulation section accumulates the error signal, and outputs an accumulated error signal. The adding section adds the accumulated error signal to the multi-level signal, and outputs a variable multi-level signal. The modulator section modulates the variable multi-level signal, and outputs a modulated signal.

Abstract: Systems and methods are disclosed for using an arbitrary fixed channel to carry third-party information. In one embodiment, the present invention provides systems and methods for enabling existing content rendering devices to accept content encoded in a proprietary format, such as an encoding format used by a digital rights management system. The encoded content is rendered by the device in the normal manner, and decoded by a retrofitting appliance connected to the device's output. The retrofitting appliance may apply decoded rules and controls to the decoded content, thereby managing use of the content.

Abstract: A method for preventing a recipient of an electronically transmitted message from taking at least one action in relation to the message is disclosed. The message has at least two parts with one of the parts having a higher level of security than the other part. The method includes the step of extracting information from the message. The information indicates that the higher level security part is not permitted to have the action taken on it while the other part is so permitted. The method also includes the step of preventing the higher level security part from having the action taken on it in reaction to said recipient making an offending request.

Abstract: Techniques for distributing digital content include receiving provider content over a network connection at a customer premises node located on premises of a first customer. The provider content is offered by a network service provider different from the first customer. Provider data based on the provider content is stored in non-volatile storage on the customer premises node of the first customer. It is determined whether conditions are satisfied for sending the provider content to a second customer different from the first customer. If it is determined that such conditions are satisfied, then the provider data is retrieved from the non-volatile storage, and data based on the provider data is sent over the network connection for receipt by the second customer. Thereby a customer premises node serves as a cache of provider content for other customer premises nodes on the same last mile segment or access network.