Patents by Inventor Andrew Dellow
Andrew Dellow has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 7489780
Abstract: A semiconductor integrated circuit for the processing of conditional access television signals comprises an input interface for receiving encrypted television signals and an output interface for output of decrypted television signals. Control signals broadcast with the television signals include control words and common keys. Entitlement messages are received in encrypted form, encrypted according to a secret key unique to each semiconductor integrated circuit. The input interface is connected to a decryption circuit whereby the only manner of providing the common keys to the circuit is in encrypted form encrypted according to the secret key. Due to the monolithic nature of the circuit, no secrets are exposed and the system is secure. Alternatively, the entitlement messages are encrypted for decryption with the common keys and a unique ID stored in the circuit is compared with an ID in a received entitlement message. Only if the received and stored IDs match can the rights be stored and used.
Type: Grant
Filed: April 6, 2004
Date of Patent: February 10, 2009
Assignee: STMicroelectronics Limited
Inventors: Andrew Dellow, Rodrigo Cordero
-
Publication number: 20080271164
Abstract: Aspects of a method and system for allowing no code download in a code download scheme are provided. A system-on-a-chip (SoC) may comprise a security processor, a ROM, and a one-time-programmable (OTP) memory. The security processor may enable fetching code from a restricted function portion of the ROM. The restricted functions may comprise code for booting up the SoC and code that prevents enabling security algorithms within the SoC. The security processor may then enable booting up of at least a portion of the SoC based on the fetched code. The remaining portion of the ROM may comprise code for downloading security code from an external memory, such as a FLASH memory, to an internal memory, such as a RAM, to boot up the SoC. Access to the restricted function portion or the remaining portion of the ROM is based on at least one bit from the OTP memory.
Type: Application
Filed: April 26, 2007
Publication date: October 30, 2008
Inventors: Andrew Dellow, Iue-Shuenn Chen, Stephane (Steve) Rodgers, Xuemin (Sherman) Chen
-
Publication number: 20080267410
Abstract: A method and a corresponding apparatus for authenticating data in a digital processing system (DPS) is disclosed, wherein a root/first tier key pair associated with a first tier/root authority may sign data and second tier keys for authorizing data for processing in the DPS. The first tier/root authority may pass entitlements to the authorized second tier key, which may itself authorize third tier keys and pass entitlements to said key.
Type: Application
Filed: February 27, 2008
Publication date: October 30, 2008
Applicant: Broadcom Corporation
Inventor: Andrew Dellow
-
Publication number: 20080222428
Abstract: The invention describes a method and a corresponding digital processing system for ensuring that data is unmodified while reducing the amount of one-time programmable memory in the system. The data is stored in modifiable memory and an authentication value of the data is stored in unmodifiable memory. Before the data is used according to its purpose, the digital processing system authenticates that the data is unmodified, for example by using a cryptographic hash algorithm.
Type: Application
Filed: March 6, 2008
Publication date: September 11, 2008
Inventor: Andrew Dellow
-
Publication number: 20080209106
Abstract: A memory access system including a memory in which data is organized in pages, each page holding a sequence of data elements; means for receiving a requested address including a requested page address and a requested data element address; logic for accessing a current page from the memory using a current page address; logic for reading out data elements of the current page in the sequence in which they are held in memory; logic for comparing the requested page address with the current page address and for issuing a memory access request with the requested page address when they are not the same; and logic operable when the requested page address is the same as the current page address for comparing a requested data element address with the current address of a data element being read out and returning the data element when the requested data element address matches the current data element address.
Type: Application
Filed: November 3, 2006
Publication date: August 28, 2008
Applicant: STMicroelectronics Limited
Inventors: Peter Bennett, Andrew Dellow, Jonathan Smailes
-
Publication number: 20080086657
Abstract: Methods and systems for software security in a secure communication system are disclosed and may include verifying downloaded code in a reprogrammable system and reloading prestored unmodifiable first stage code upon failure. The prestored unmodifiable first stage code, which may comprise boot code for the reprogrammable system, may be stored in locked flash, and the downloaded software code may be stored in unlocked flash. The downloaded software code may be verified by comparing a signature of the downloaded code to a private key. A first sticky bit may be utilized to indicate a failure of the verification and a second sticky bit may be utilized to indicate passing of the verification and the use of the downloaded software code. Whether to reset the reprogrammable system and reload the prestored unmodifiable first stage code may be determined from within the reprogrammable system, which may comprise a set-top box.
Type: Application
Filed: May 24, 2007
Publication date: April 10, 2008
Inventors: Xuemin Chen, Andrew Dellow, Iue-Shuenn Chen, Stephane Rodgers
-
Publication number: 20080086780
Abstract: Methods and systems for protection of customer secrets in a secure reprogrammable system are disclosed, and may include controlling, via hardware logic and firmware, access to customer specific functions. The firmware may comprise trusted code, and may comprise boot code, stored in non-volatile memory, which may comprise read only memory, or a locked flash memory. A customer mode may be checked via the trusted code prior to allowing downloading of code written by a customer to the reprogrammable system. Access to customer specific functions may be restricted via commands from a trusted source. The hardware logic may be latched at startup in a disabled mode by the firmware, determined by the customer mode stored in a one time programmable memory. The customer mode may be re-checked utilizing the firmware, and may disallow the use of code other than trusted code in the reprogrammable system when the re-checking fails.
Type: Application
Filed: May 24, 2007
Publication date: April 10, 2008
Inventors: Xuemin Chen, Iue-Shuenn Chen, Stephane Rodgers, Andrew Dellow
-
Publication number: 20080086630
Abstract: Segmenting a boot code to allow separate and independent storage and validation of the segments in a manner that enables secure system boot by autonomous fetching and assembling of the boot code by a security sub-system. The code fetching may need to be done without the main CPU running on the chip for security reasons. Because the boot code may be stored in memory devices that require a special software application to account for non-contiguous storage of data and/or code, for example a NAND flash memory which would require such an application as Bad Block Management, code segments stored in areas guaranteed to be usable may enable loading and validating the remaining segments separately and independently.
Type: Application
Filed: May 10, 2007
Publication date: April 10, 2008
Inventors: Stephane Rodgers, Andrew Dellow, Xuemin Chen, Iue-Shuenn Chen, Qiang Ye
-
Publication number: 20080086628
Abstract: A stored predefined unmodifiable bootable code set may be verified during code reprogramming of a device, and executed as a first stage of code reprogramming of the device. The predefined unmodifiable bootable code set may be stored in a locked memory such as a locked flash memory and may comprise code that enables minimal communication functionality of the device. The predefined unmodifiable bootable code set may be verified using a security algorithm, for example, a SHA-based algorithm. Information necessary for the security algorithm may be stored in a memory, for example, a one-time programmable read-only memory (OTP ROM). The stored information necessary for the security algorithm may comprise a SHA digest, a signature, and/or a key. A second stage code set may be verified and executed during the code reprogramming of the device subsequent to the verification of the stored predefined unmodifiable bootable code set.
Type: Application
Filed: May 10, 2007
Publication date: April 10, 2008
Inventors: Stephane Rodgers, Andrew Dellow, Xuemin Chen, Iue-Shuenn Chen
-
Publication number: 20080084273
Abstract: Securely loading code in a security processor may include autonomous fetching of an encrypted security data set, which may comprise security code and/or root keys, by a security processor integrated within a chip. The encrypted security data set may be decrypted via the on-chip security processor and the decrypted code set may be validated on-chip using an on-chip locked value. The on-chip locked value may be stored in a one-time programmable read-only memory (OTP ROM) and may include security information generated by applying one or more security algorithms, for example SHA-based algorithms, to the security data set. The encryption of the security data set may utilize various security algorithms, for example AES-based algorithms. The on-chip locked value may be created and locked after a virgin boot of a device that includes the security processor. The security data set may be authenticated during the virgin boot of the device.
Type: Application
Filed: May 24, 2007
Publication date: April 10, 2008
Inventors: Stephane Rodgers, Andrew Dellow, Xuemin Chen, Iue-Shuenn Chen
-
Publication number: 20080086641
Abstract: Methods and systems for preventing revocation denial of service attacks are disclosed and may include receiving and decrypting a command for revoking a secure key utilizing a hidden key, and revoking the secure key upon successful verification of a signature. The command may comprise a key ID that is unique to a specific set-top box. A key corresponding to the command for revoking the secure key may be stored in a one-time programmable memory, compared to a reference, and the security key may be revoked based on the comparison. The command for revoking the secure key may be parsed from a transport stream utilizing a hardware parser. The method and system may also comprise generating a command for revoking a secure key. The command may be encrypted and signed utilizing a hidden key and may comprise a key ID that is unique to a specific set-top box.
Type: Application
Filed: May 2, 2007
Publication date: April 10, 2008
Inventors: Stephane Rodgers, Andrew Dellow
-
Publication number: 20080086647
Abstract: Methods and systems for allowing customer or third party testing of secure programmable code are disclosed and may include verifying code loaded in a set-top box utilizing a test hash or a production hash prior to execution of the code, where the test hash and production hash may be stored in a memory, such as an OTP, within the set-top box, and may allow migration from corresponding test code to production code, which may be verified utilizing the test hash and production hash, respectively. The test and production hashes may be customer specific. The migration from test code to production code may be authenticated using at least a set-top box specific password. The test hash may be stored in a first portion of a one-time programmable memory and the production hash in a remaining portion, with the first portion being less than or equal to the remaining portion.
Type: Application
Filed: May 2, 2007
Publication date: April 10, 2008
Inventors: Stephane Rodgers, Andrew Dellow, Iue-Shuenn Chen, Xuemin Chen, Carolyn Walker
-
Publication number: 20080086629
Abstract: A secondary boot code may be copied to memory during execution of a primary boot code, and the copied secondary boot code executed after completion of execution of said primary boot code. Access to the primary and said secondary boot code may be restricted during execution of the primary boot code and the copied secondary boot code. The copied secondary boot code may be verified after the secondary boot code is copied to the memory. Access to the primary boot code may be blocked or barred during execution of the copied secondary boot code. Access to the secondary boot code may also be blocked or barred after completion of execution of the copied secondary boot code. The memory may comprise double-data-rate synchronous dynamic random access memory (DDR). The primary and/or the secondary boot code may reside or be stored in FLASH memory.
Type: Application
Filed: May 10, 2007
Publication date: April 10, 2008
Inventor: Andrew Dellow
-
Patent number: 7356708
Abstract: A semiconductor integrated circuit having a plurality of selectable pathways inter-connected to data sources and data destinations; a cryptographic circuit connected to the selectable pathways to selectively receive data from at least one of the data sources, to decrypt or encrypt the data in accordance with a key, and to selectively provide the encrypted or decrypted data to at least one of the data destinations; an instruction interpreter arranged to receive an instruction signal and to generate an output to control the plurality of selectable pathways to select from which of the data sources the cryptographic circuit receives data and to which destination the cryptographic circuit provides data. The instruction interpreter is configured such that the instruction signal defines a data pathway that operates in accordance with a rule that limits the data pathway configurations which are selectable.
Type: Grant
Filed: February 3, 2004
Date of Patent: April 8, 2008
Assignee: STMicroelectronics Limited
Inventor: Andrew Dellow
-
Publication number: 20070280475
Abstract: A monolithic semiconductor integrated circuit is provided for selectively encrypting or decrypting data transmitted between one of a plurality of devices on the circuit and an external memory. Two series of data pathways connect the devices and the external memory. The first series of data pathways passes through a cryptographic circuit causing data to be encrypted or decrypted, and the other series of data pathways provides an unhindered route. When a data access request is made by a device, the data is selectively routed along one of the two series of data pathways according to the identification of the device making the data access request. In one example, if data is transmitted from a device to the external memory, the data is selectively encrypted before being stored in the external memory if the device transmitting the data is identified as secure.
Type: Application
Filed: December 17, 2004
Publication date: December 6, 2007
Applicant: STMicroelectronics Limited
Inventors: Andrew Dellow, Howard Gurney
-
Publication number: 20070200960
Abstract: A semiconductor integrated circuit for the processing of conditional access television signals that includes an input interface for receiving encrypted television signals and an output interface for output of decrypted television signals. The semiconductor integrated circuit is provided with some functionality restricted in some way by preventing one or more hardware circuit elements from operating, such as an MPEG decoder, display engine, IO ports or main CPU. To enable the functionality, a subscriber must pay for a service and then receives an encrypted message broadcast to the semiconductor integrated circuit that is decrypted and instructs functionality to be turned on or off.
Type: Application
Filed: October 16, 2003
Publication date: August 30, 2007
Applicant: STMicroelectronics Limited
Inventors: Peter Bennett, Paul Elliott, Andrew Dellow
-
Publication number: 20070180464
Abstract: An integrated circuit restricts use of a data item and includes a data memory storing the data item; a value memory storing a value; a signature input that receives a signature derived from data in a data item field and a value in a value field, the signature being in a coded form; a decoding circuit that decodes the signature and outputs information representing the data in the data item field and the value in the value field; and a comparison circuit that receives the decoding circuit output, determines whether the information representing the data from the data item field corresponds to the stored data item and whether the information representing the value from the value field corresponds to the value stored in the value memory, and outputs a comparison signal according to the determinations. The circuit restricts the use of the data item according to the comparison signal.
Type: Application
Filed: July 31, 2006
Publication date: August 2, 2007
Applicant: STMicroelectronics Limited
Inventors: Andrew Dellow, Peter Bennett
-
Publication number: 20070124811
Abstract: A memory stores data in an encrypted form. A modifiable register stores a memory address, a0, defining a boundary separating the memory into two regions. The lower region stores data encrypted using a key B, and the upper region stores data encrypted using a different key A. Data stored on the boundary address is encrypted using key A. Accordingly, when data is read from a memory address a, key A is used to decrypt the data if a ≥ a0, and key B is used if a < a0. However, when data is written to a memory address a, then key A is used to encrypt the data if a ≥ a0+1, and key B is used if a < a0+1. When data is written to the boundary address, a0, the position of the boundary is caused to increase by one unit.
Type: Application
Filed: September 18, 2006
Publication date: May 31, 2007
Applicant: STMicroelectronics Limited
Inventors: Andrew Dellow, Peter Bennett, Rodrigo Cordero
-
Publication number: 20070121943
Abstract: A portion of data is obfuscated by performing a bitwise XOR function between bits of the data portion and bits of a mask. The mask is generated based on the memory address of the data portion. A bitfield representing the memory address of the data portion is split into subset bitfields. Each subset then forms the input of a corresponding primary randomizing unit. Each primary randomizing unit is arranged to generate an output bitfield that appears to be randomly correlated with the input, but which may be determined from the input if certain secret information is known. The output of the primary randomizing units is input into a series of secondary randomizing units. Each secondary randomizing unit is arranged to input at least one bit of the output of every primary randomizing unit. The outputs of the secondary randomizing units are then combined by concatenation to form a data mask.
Type: Application
Filed: September 18, 2006
Publication date: May 31, 2007
Applicant: STMicroelectronics Limited
Inventors: Andrew Dellow, Rodrigo Cordero
-
Publication number: 20070103997
Abstract: A filter is arranged to selectively block or allow a data access command from an initiator according to whether the initiator is secure or insecure and whether a data source or destination being accessed is privileged or unprivileged. The data access command contains an identification of the initiator from which the data access command originated and an identification of the data source or destination being accessed. The security filter compares the initiator identification and data source or destination identification contained within the data access command with a list of those initiators defined as secure and a list of those data sources or destinations which are defined as unprivileged. The filter then blocks or allows the data access command signal according to a set of rules.
Type: Application
Filed: August 18, 2006
Publication date: May 10, 2007
Applicant: STMicroelectronics Limited
Inventors: Peter Bennett, Andrew Dellow