Security system for SSTV encryption

In a secure communications system, a key number which is changed periodically, e.g. monthly, and a random number from a random number generator are combined and used as a seed to reset a PN sequence generator, with the output of the generator being used to control encryption of transmission data in a signal processor. The key is also provided to a first encipherer to encipher the random number for transmission with the encrypted data. At the receiver, the key is provided in common to a decipherer for deciphering the random number and a PN sequence generator which is periodically reset by the combination of the key and random number in the same manner as in the transmitter. The PN sequence is then used to decrypt the information. User identification codes are stored in the transmitter and are used to encipher the key, with each receiver employing its ID code to decipher the key. The user ID codes are known only to the system operator, so that not even a particular user can know the key.

Description
BACKGROUND OF THE INVENTION

The present invention is related to the confidentiality of television signal transmissions, and more particularly to the protection of TV signal transmissions from unauthorized reception. The environment in which the present invention may be widely applicable, and in the context of which the invention will be described herein, is that of subscriber television and TV program distribution.

Subscriber television systems are becoming increasingly widespread wherein TV signals are sent out via a cable network or over the air and are intended for reception and viewing by only those subscribers who have paid a monthly fee. With the increase in subscriber television systems has also come an increase in the number of people attempting to receive and display the premium television programs without payment. Thus, there is a need for more sophisticated security techniques for preventing such unauthorized reception.

Many existing subscriber television systems utilize, directly or indirectly, signals transmitted via satellite, and it is becoming quite common for non-paying individuals to receive and display the premium television programs via television receive only (TVRO) antennas, thus resulting in a substantial loss of revenue for the distributors of the subscription television programs. In addition, various direct satellite broadcast television systems are currently being proposed wherein subscription television programs will be broadcast directly via satellite to individual subscriber homes. These subscription satellite television (SSTV) systems will be quite vulnerable to unauthorized reception, and an effective security technique is therefore highly desirable.

The purpose of a security subsystem for an SSTV system is to protect the distributor's business interest and, accordingly, the following objectives should be achieved:

(1) To prevent a non-subscriber from receiving intelligible video and audio signals by using a regular home television set;

(2) To prevent a delinquent subscriber from receiving intelligible video and audio signals by using the SSTV decoder;

(3) To prevent a legitimate subscriber from receiving intelligible video and audio signals of unsubscribed SSTV channels or programs;

(4) To discourage an average technician from building his own receiver capable of obtaining acceptable quality video and audio signals;

(5) To discourage a small unauthorized business concern from manufacturing and marketing devices which are capable of receiving and displaying acceptable quality video and audio signals from the SSTV channels; and

(6) To allow a legitimate subscriber to receive and display high quality video and audio signals from the subscribed channels or programs.

It would also be highly desirable to achieve the above objectives at a reasonable cost.

A number of security systems for CATV exist, most of which involve the suppression or removal of the horizontal sync pulses from the video signal before transmission, and the recovery of the sync pulses at the receive end. These techniques will prevent people without the sync recovery circuits from receiving and displaying the programs and may therefore achieve objectives (1) and (6) above, but these security systems do not achieve objectives (2) and (3) and, since sync recovery circuits are relatively easily designed and manufactured, also do not satisfy objectives (4) and (5).

More sophisticated techniques may include additional intelligence in the subscriber's decoder box, including the capability of receiving commands from a control center which are specifically addressed to an individual subscriber and are used to turn on or off some or all of the channels. These more sophisticated security techniques may succeed in achieving objectives (1)-(3) and (6), but still do not satisfy objectives (4) and (5). For example, most of these techniques involve the checking of a password, and a particular channel is turned on only if the password is matched. This could be relatively easily by-passed by modifying the subscriber's decoder box or building a separate box with all of the necessary features except the on/off switch. Further, subscribers may also be able to tamper with the decoder box to receive more programs than are actually paid for.

SUMMARY OF THE INVENTION

It is an object of the present invention to provide a security subsystem for a subscription television system wherein all of the above-mentioned objectives (1)-(6) are achieved.

It is a further object of this invention to provide such a security subsystem of minimal cost and complexity.

These and other objects are achieved according to the present invention by using a cryptographic technique for scrambling and descrambling of the video signals. The scrambling and descrambling techniques utilize a "key" which is changed on a regular basis and is sent only to paid subscribers, and even this "key" is sent in a different encrypted form to each subscriber so that delinquent subscribers cannot learn the current key from others.

A record is kept of unique user ID codes corresponding to each subscriber, and in a transmitter according to the preferred embodiment of this invention, the key is ciphered with each subscriber's unique ID code prior to sending the key to that subscriber. A random number generator in the transmitter generates a new random number at regular intervals, for example, every second, and this number is combined with the key, and the combined number is then used as a seed to reset a PN sequence generator every second. This PN sequence generator will thus generate a PN sequence with a random seed in one-second segments, and the segmented PN sequence is supplied to a signal processor where it is used to scramble the audio and video program signals. The random number is also ciphered with the key and the enciphered random number is continually transmitted with the scrambled video signal.

At the receiver, the enciphered key, which has been sent either via satellite or mail, is deciphered in the receiver utilizing the particular subscriber's unique ID code, which ID code is internal to the receiver and is unknown to the subscriber. The deciphered key is then in turn used to decipher the enciphered random number received with the scrambled program signal. The deciphered key and random number are then combined as in the transmitter, and the combined signal is used to continually reset a PN sequence generator identical to that in the transmitter so that a segmented PN sequence will be generated in the receiver which is identical to that generated in the transmitter, and this segmented PN sequence can then be used to descramble the received signal. The descrambled signal will then be supplied to the subscriber television set.

BRIEF DESCRIPTION OF THE DRAWING

The invention will be more clearly understood with reference to the following description in conjunction with the accompanying drawing wherein the single FIGURE is a block diagram of the essential components of the SSTV security system according to the present invention.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT

The drawing illustrates a functional block diagram of the SSTV security system according to this invention. The SSTV transmitter will typically include or have access to a billing system computer 10 which will store subscriber information including a list of paid subscribers and their corresponding unique user ID codes. This information may typically be stored in a user data base 12 within the computer. Also within the computer will be a register 14 or the like containing a key which will be changed on a regular basis, e.g. monthly. In preparation for sending this "key of the month" to each current subscriber, the key is enciphered in an encipherer 16 with the user ID code unique to that particular current subscriber, and the enciphered key is then sent to the subscriber.

The transmitter includes a pseudo-random number (PN) sequence generator 18 and a random number generator 20. The random number generator 20 periodically generates a new random number, e.g. once every second, and the outputs of the random number generator 20 and key register 14 are combined and loaded into the PN sequence generator 18 to periodically reset or "seed" the PN sequence generator 18 in a manner well known in the art. Each seeding of the sequence generator 18 will begin a new segment of the PN sequence. The program signal from source 22 is supplied to a signal processor 24 where it is encrypted with the segmented PN sequence from generator 18. The encryption technique used may be any one of a variety of well known techniques and need not be discussed in detail herein. The encrypted, or scrambled, signal is then provided to a transmitter 26 for transmission over link 100 to the various subscriber receivers.

The random number from generator 20 is enciphered with the key of the month in an encipherer 28, and the enciphered random number is transmitted with the scrambled video signal over the link 100.

At the receiver, a register 30 or the like internal to the subscriber TV receiver contains a subscriber-specific secret user ID code which is set prior to installation and is stored in the user data base 12 of the billing computer at the transmitter. Thus, when the subscriber receiver receives the enciphered key or when the user receives the enciphered key by mail and enters the enciphered key into the receiver, a decipherer 32 in the receiver deciphers the enciphered key with the secret user ID code specific to that particular subscriber, and the deciphered key is provided to a decipherer 34. A receiver 36 separates the scrambled signal from the enciphered random number received over link 100 and provides the enciphered random number to the decipherer 34 where it is deciphered with the key received from the decipherer 32. The deciphered random number and key are then combined and loaded into the PN sequence generator 38 to reset or "seed" the sequence generator in the same manner as in the transmitter, to thereby result in the same segmented PN sequence as was used for scrambling in the SSTV transmitter signal processor 24. This segmented PN sequence is then provided to signal processor 40 where it is used to descramble the received program signal. The descrambled signal is then provided to the subscriber television set 42.

The above-described security system provides a novel technique for generating and synchronizing a segmented pseudo-random number (PN) sequence, and a secure key distribution method. The segmented PN sequence generated is used to control the video and audio signal processors that scramble and descramble the program signals. Since a different segmented PN sequence will be generated by each distinct key, the scrambling sequence is different for each key, and by periodically changing the key the scrambling and descrambling sequences will change. Thus, it is not possible for anyone without exact knowledge of the current key to descramble the received program signal with or without a descrambling device.

For each given duration of time, a particular channel is scrambled by a PN sequence that is generated by a randomly selected number and the key of the month. To prevent subscribers of different channels from exchanging the keys among themselves, it is essential that the key for a given channel distributed to each subscriber look different, and this is accomplished by enciphering the key with each subscriber's unique user ID code. In this way, although a single key is provided by the register 14 at any one time, a different key is required by each subscriber. It is only when the subscriber-specific key is entered into the receiver that the true key of the month contained in register 14 can be provided to the decipherer 34 and sequence generator 38, and the deciphering of this true key of the month in the decipherer 32 is performed internally of the subscriber receiver and without the subscriber's knowledge.

An important feature of any security system is that a legitimate subscriber must be capable of obtaining synchronization within a short period of time. In the system according to the present invention, the PN sequence used for scrambling and descrambling the signal in signal processors 24 and 40, respectively, is separated into short segments each of which is seeded by the combination of the key of the month and a random number which changes, for example, once every second. Thus, assuming that a legitimate subscriber does have his appropriate key, the time required to acquire synchronization will be substantially equal to the duration of each random number so that synchronization can be acquired rapidly in case of loss of sync due to power outages, rainstorms, changing of channels, etc.

The individual components in the security system according to the present invention are known in the art and need not be described in detail herein since the internal details of these components do not constitute a part of the present invention. The encipherers used to encipher the key of the month and the random number can be two different encipherers, but for the sake of hardware simplicity at the receive side, and consequent cost savings in mass production of the subscriber receivers, it is preferable that the same encipherers be used. The encipherer may employ any enciphering method as long as it has a sufficiently high level of security.

The PN sequence generator can be any general PN sequence generator as long as it also has sufficient security strength, e.g. a properly selected non-linear feedback shift register may suffice.

The random number generator in the transmitter may be a well known thermal noise generator which generates "true" random numbers, or it may be a pseudo-random number generator similar to the sequence generator 18, implemented in a well known manner with digital electronics or computer software. Similarly, the technique for combining the key of the month and the random number to produce the "seed" for the PN sequence generators 18 and 38 is not critical, with the simplest technique being a bit-by-bit modulo-2 addition of the two numbers.

In general, each of the functional blocks in the drawing can be implemented with existing techniques, with system complexity and cost and security strength depending on the particular implementation of each of the functional blocks.

The transformation of the simple cipherer is specified by a variable which is different for each channel or special program, and is changed every month.

The user ID code 30 within each subscriber set may be a set of binary switches or a bit pattern programmed into a read-only memory in a sealed box to prevent the subscriber from seeing or changing the number.

The use of a simple cipherer in addition to the non-linear feedback shift-register may seem to increase the system complexity unnecessarily. However, since only a small amount of data, namely the "seed", need be handled each time, and since the statistical properties of the cipherer do not impact the output of the PN sequence generator, the cipherer can be very simple. One possible approach, for example, is a ROM table of random bits with or without cipher feedback. The use of this simple cipherer greatly simplifies the problem of cryptosynchronization and key distribution, and therefore reduces the overall system complexity.

Suitable alternatives for the scrambling of the program signals include conventional scrambling techniques such as on-off switching, randomly inverting lines, fields or frames, and delaying horizontal lines or fields by certain randomly fixed steps. In any case, the technique used will require the generation of a PN sequence which must be synchronized at both the transmit and receive sides.
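The key hierarchy of the detailed description (user ID code, key of the month, per-second random number, PN segment), as an added Python sketch that is not part of the patent. The 4-round Feistel encipherer, the SHAKE-256 PN generator, the 8-byte widths and all sample values are assumptions standing in for blocks the patent leaves open; the modulo-2 seed combination and line inversion are options the text names.

```python
import hashlib
import secrets

BLOCK = 8  # bytes; assumed width of key, user ID code and random number


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _f(k: bytes, round_no: int, half: bytes) -> bytes:
    return hashlib.sha256(k + bytes([round_no]) + half).digest()[:BLOCK // 2]


def encipher(k: bytes, block: bytes) -> bytes:
    """Stand-in for encipherers 16 and 28: 4-round Feistel over one block."""
    left, right = block[:BLOCK // 2], block[BLOCK // 2:]
    for i in range(4):
        left, right = right, _xor(left, _f(k, i, right))
    return left + right


def decipher(k: bytes, block: bytes) -> bytes:
    """Stand-in for decipherers 32 and 34: the inverse of encipher()."""
    left, right = block[:BLOCK // 2], block[BLOCK // 2:]
    for i in reversed(range(4)):
        left, right = _xor(right, _f(k, i, left)), left
    return left + right


def pn_segment(key: bytes, rnd: bytes, nbits: int) -> list:
    """One PN segment (generators 18 and 38), seeded by key XOR random number.
    SHAKE-256 stands in for the non-linear feedback shift register."""
    seed = _xor(key, rnd)  # bit-by-bit modulo-2 addition of the two numbers
    stream = hashlib.shake_256(seed).digest((nbits + 7) // 8)
    return [(stream[i // 8] >> (i % 8)) & 1 for i in range(nbits)]


def scramble(lines: list, pn: list) -> list:
    """Invert every line whose PN bit is 1; applying it twice restores them."""
    return [bytes(255 - s for s in ln) if bit else ln
            for ln, bit in zip(lines, pn)]


class Transmitter:
    def __init__(self, key: bytes, user_db: dict):
        self.key = key                 # register 14, the "key of the month"
        self.user_db = dict(user_db)   # user data base 12: name -> ID code

    def key_message(self, name: str) -> bytes:
        return encipher(self.user_db[name], self.key)       # encipherer 16

    def send_segment(self, lines: list) -> tuple:
        rnd = secrets.token_bytes(BLOCK)                     # generator 20
        pn = pn_segment(self.key, rnd, len(lines))
        return encipher(self.key, rnd), scramble(lines, pn)  # encipherer 28


class Receiver:
    def __init__(self, user_id: bytes):
        self._user_id = user_id        # register 30, hidden from the subscriber
        self._key = None

    def load_key(self, enciphered_key: bytes) -> None:
        self._key = decipher(self._user_id, enciphered_key)  # decipherer 32

    def receive_segment(self, enc_rnd: bytes, scrambled: list) -> list:
        rnd = decipher(self._key, enc_rnd)                   # decipherer 34
        return scramble(scrambled, pn_segment(self._key, rnd, len(scrambled)))


def run_demo() -> dict:
    # Constructed sample values; none of them come from the patent.
    ids = {"alice": bytes.fromhex("0123456789abcdef"),
           "bob": bytes.fromhex("fedcba9876543210")}
    tx = Transmitter(bytes.fromhex("1122334455667788"), ids)
    frame = [bytes((17 * n + i) % 256 for i in range(16)) for n in range(64)]

    alice, bob, late = (Receiver(ids["alice"]), Receiver(ids["bob"]),
                        Receiver(ids["alice"]))
    alice.load_key(tx.key_message("alice"))
    bob.load_key(tx.key_message("alice"))  # bob enters alice's enciphered key
    segments = [tx.send_segment(frame) for _ in range(3)]
    late.load_key(tx.key_message("alice"))  # tunes in at the third segment
    out = {
        "key_messages_differ": tx.key_message("alice") != tx.key_message("bob"),
        "scrambled_on_link": all(s != frame for _, s in segments),
        "alice_ok": all(alice.receive_segment(*sg) == frame for sg in segments),
        "shared_key_fails": all(bob.receive_segment(*sg) != frame
                                for sg in segments),
        "late_join_ok": late.receive_segment(*segments[2]) == frame,
    }
    tx.key = bytes.fromhex("8877665544332211")  # next month's key
    seg = tx.send_segment(frame)
    out["old_key_fails"] = alice.receive_segment(*seg) != frame
    alice.load_key(tx.key_message("alice"))
    out["new_key_ok"] = alice.receive_segment(*seg) == frame
    return out


if __name__ == "__main__":
    print(run_demo())
```

Because each segment carries its own enciphered random number, the receiver that joins at the third segment descrambles it without having seen the first two, which is the synchronization property the description relies on.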

Claims

1. In a communications system including a transmitter and a receiver, said transmitter including a program source for providing a program signal representing program information, a transmit signal processor for encrypting said program signal in accordance with a transmit control signal and transmit means for transmitting said encrypted signal, said receiver including receive means for receiving said encrypted signal, a receiver signal processor for decrypting said encrypted signal in accordance with a receive control signal and means for receiving said decrypted signal and providing said program information, the improvement comprising:

first generator means at said transmitter for generating a first sequence of signals representing a first sequence of numbers;
key number means at said transmitter for providing a key number signal representing a key number;
second generator means at said transmitter for generating a second sequence of signals representing a second sequence of numbers, said second generator means being periodically reset by a reset signal comprising the output of said first generator means to thereby generate a plurality of sequence segments each beginning with a reset signal, the output of said second generator means comprising said transmit control signal;
means at said transmitter for enciphering said first sequence of signals with said key number signal and for providing said enciphered first signal sequence to said transmit means for transmission with said encrypted program signal;
.Iadd.means at said transmitter for enciphering said key number signal in accordance with a further signal;.Iaddend.
means at said receiver for providing said key number signal.Iadd., said means at said receiver for providing said key number signal comprising means at said receiver for providing said further signal and means at said receiver for deciphering said enciphered key number signal in accordance with said further signal.Iaddend.;
receive deciphering means at said receiver for receiving said enciphered first signal sequence and said key number, deciphering said first signal sequence in accordance with said key number and providing said deciphered first signal sequence as an output; and
receive generating means for generating a sequence of signals representing said first sequence of numbers, said receive generating means being periodically reset by a reset signal comprising the output of said receive deciphering means to thereby generate said plurality of sequence segments, said plurality of sequence segments being provided by said receive generating means to said receive signal processor as said receive control signal.

2. A communications system as defined in claim 1,.[.further comprising:

means for providing.]..Iadd.wherein said further signal comprises.Iaddend.an identification number signal uniquely identifying said receiver.[.;
means for enciphering said key number signal with said identification signal;
means at said receiver for providing said identification number signal; and
means at said receiver for receiving said identification number signal and said enciphered key number signal and for deciphering said key number signal, said deciphered key number signal being provided to said receive deciphering means.]..

3. A communications system as defined in.[.either one of claims 1 or 2.]..Iadd.claim 1.Iaddend., wherein each of said reset signals provided to said second generator means comprises a combination of said key number signal and a signal of said first signal sequence, and wherein each of said reset signals provided to said receive generator means comprises a combination of said key number signal and a signal of said deciphered first signal sequence.

4. A communications system as defined in claim 3, wherein said key number signal is changed at predetermined time intervals.

5. A communications system as defined in claim 4, wherein said second generator means is a non-linear pseudorandom sequence generator.

6. A communications system as defined in claim 3, wherein a plurality of receivers receive the encrypted signal transmitted by said transmitter, each of said receivers having a corresponding unique identification number and said enciphered key number received at each receiver being enciphered with the user identification number unique to said each receiver.

7. The communications system as defined in claim 6, wherein said first signal sequence represents a substantially random number sequence.

8. In a method of providing security in a signal transmission system, said method including the steps of encrypting in accordance with an encryption control signal a program signal representing information, transmitting said encrypted signal, receiving said encrypted signal, decrypting said received encrypted signal in accordance with a decryption control signal and providing said information represented by said decrypted signal, the improvement comprising:

generating a key number signal representing a key number;
generating a first signal sequence representing a first sequence of numbers;
generating a second signal sequence representing a second sequence of numbers, said second signal sequence being periodically reset by a reset signal comprising a signal of said first signal sequence to thereby generate a plurality of second sequence segments;
providing said second sequence segments to said transmit signal processor as said encryption control signal;
enciphering said first signal sequence with said key number and providing said enciphered first sequence to said transmitter for transmission with said encrypted signal;
.Iadd.enciphering said key number signal in accordance with a further signal;
deciphering said enciphered key number signal in accordance with said further signal at said receiver;.Iaddend.
decrypting said enciphered first sequence at said receiver in accordance with said key number signal;
generating said second sequence segments at said receiver by resetting a receive number signal generator with a reset signal comprising said deciphered first signal sequence; and
providing said second sequence segments to said receive signal processor as said decryption control signal.

9. A method as defined in claim 8, further.[.comprising:

enciphering said key number signal at said transmitter with.]..Iadd.wherein said further signal comprises.Iaddend.a user identification number signal uniquely identifying said receiver.[.;
transmitting said enciphered key number signal to said receiver;
deciphering said enciphered key number signal at said receiver in accordance with said user identification number signal uniquely identifying said receiver; and
providing said deciphered key number signal to said deciphering means.]..

10. The method as defined in claim 9, further comprising the steps of:

combining said key number signal and a signal in said first sequence to obtain said reset signal in said transmitter; and
combining said key number signal and a signal in said deciphered first sequence in order to obtain said reset signal in said receiver.

11. The method as defined in any one of claims 8-10, further comprising the step of periodically changing said key number signal.

12. The method as defined in claim 11, wherein said second generator means in said transmitter and said generator means in said receiver each generate non-linear pseudo-random signal sequences.

13. The method as defined in claim 12, wherein said first signal sequence represents a substantially random number sequence.

14. A communications system including a transmitter and a receiver, said system comprising:

a program source at said transmitter for providing a program signal representing program information;
first generator means at said transmitter for generating a first sequence of signals representing a first sequence of numbers;
key number means at said transmitter for providing a key number signal representing a key number;
transmit signal processing means at said transmitter responsive to at least said first sequence of signals for encrypting said program signal;
enciphering means at said transmitter for enciphering said first sequence of signals with said key number signal to provide an enciphered first signal sequence;
transmit means at said transmitter for transmitting said encrypted program signal and said enciphered first signal sequence;
.Iadd.means at said transmitter for enciphering said key number signal in accordance with a further signal;.Iaddend.
means at said receiver for providing said key number signal.Iadd., said means at said receiver for providing said key number signal comprising means at said receiver for providing said further signal and means at said receiver for deciphering said enciphered key number signal in accordance with said further signal.Iaddend.;
receiver deciphering means at said receiver for receiving said enciphered first signal sequence and said key number, deciphering said first signal sequence in accordance with said key number and providing said deciphered first signal sequence as an output; and
receive generating means at said receiver responsive to at least said output of said receive deciphering means for receiving and decrypting said encrypted program signal to obtain said program signal.

15. A communications system as defined in claim 14, wherein said transmit signal processing means includes encryption means for encrypting said program signal in accordance with an encryption control signal, and second generator means at said transmitter for generating a second sequence of signals representing a second sequence of numbers, said second generator means being periodically reset by a reset signal comprising at least the output of said first generator means to thereby generate a plurality of sequence segments each beginning with a reset signal, the output of said second generator means comprising said encryption control signal.

16. A communications system as defined in claim 15, wherein said reset signal comprises a combination of said key number signal and the output of said first generator means.

17. A method of providing security in a signal transmission system between a transmitter and a receiver, said method comprising the steps of:

providing a program signal representing information;
generating a first sequence of signals representing a first sequence of numbers;
providing a key number signal representing a key number;
encrypting said program signal in accordance with at least said first sequence of signals;
enciphering said first sequence of signals with said key number signal to provide an enciphered first signal sequence;
transmitting said encrypted program signal and said enciphered first signal sequence to said receiver;
.Iadd.enciphering said key number signal in accordance with a further signal;.Iaddend.
providing said key number signal at said receiver.Iadd.by deciphering said enciphered key number signal in accordance with said further signal.Iaddend.;
deciphering said first signal sequence at said receiver in accordance with said key number to obtain a deciphered first signal sequence; and
decrypting said encrypted program signal at said receiver in accordance with at least deciphered first signal sequence to obtain said program signal.

18. A method as defined in claim 17, wherein said step of encrypting said program signal in accordance with at least said first sequence of signals comprises the steps generating a second sequence of signals representing a second sequence of numbers, said second sequence of signals comprising a plurality of sequence segments each beginning with a reset signal, said reset signal comprising at least said first signal sequence,.[.said.]..Iadd.and.Iaddend.encrypting said program signal in accordance with said second sequence of signals.

19. A method as defined in claim 18, wherein said reset signal comprises a combination of said key number signal and said first sequence of signals.

.Iadd.20. In a communications system including a transmitter and a receiver, said transmitter including a program source for providing a program signal representing program information, a transmit signal processor for encrypting said program signal in accordance with a transmit control signal and transmit means for transmitting said encrypted signal, said receiver including receive means for receiving said encrypted signal, a receiver signal processor for decrypting said encrypted signal in accordance with a receive control signal and means for receiving said decrypted signal and providing said program information, the improvement comprising:

first generator means at said transmitter for generating a first sequence of signals representing a first sequence of numbers;
key number means at said transmitter for providing a key number signal representing a key number;
second generator means at said transmitter for generating a second sequence of signals representing a second sequence of numbers, said second generator means being periodically reset by a reset signal comprising the output of said first generator means to thereby generate a plurality of sequence segments each beginning with a reset signal, the output of said second generator means comprising said transmit control signal;
means at said transmitter for enciphering said first sequence of signals with said key number signal and for providing said enciphered first signal sequence to said transmit means for transmission with said encrypted program signal;
means at said receiver for providing said key number signal;
receive deciphering means at said receiver for receiving said enciphered first signal sequence and said key number, deciphering said first signal sequence in accordance with said key number and providing said deciphered first signal sequence as an output; and
receive generating means for generating a sequence of signals representing said first sequence of numbers, said receive generating means being periodically reset by a reset signal comprising the output of said receive deciphering means to thereby generate said plurality of sequence segments, said plurality of sequence segments being provided by said receive generating means to said receive signal processor as said receive control signal;
means for providing an identification number signal uniquely identifying said receiver;
means for enciphering said key number signal with said identification number signal;
means at said receiver for providing said identification number signal; and
means at said receiver for receiving said identification number signal and said enciphered key number signal and for deciphering said key number signal, said deciphered key number signal being provided to said receive deciphering means..Iaddend.

.Iadd.21. A communications system as defined in claim 20, wherein each of said reset signals provided to said second generator means comprises a combination of said key number signal and a signal of said first signal sequence, and wherein each of said reset signals provided to said receive generator means comprises a combination of said key number signal and a signal of said deciphered first signal sequence..Iaddend.

.Iadd.22. A communications system as defined in claim 21, wherein said key number signal is changed at predetermined time intervals..Iaddend.

.Iadd.23. A communications system as defined in claim 22, wherein said second generator means is a non-linear pseudorandom sequence generator..Iaddend.

.Iadd.24. A communications system as defined in claim 21, wherein a plurality of receivers receive the encrypted signal transmitted by said transmitter, each of said receivers having a corresponding unique identification number and said enciphered key number received at each receiver being enciphered with the user identification number unique to said each receiver..Iaddend.

.Iadd.25. A communications system as defined in claim 24, wherein said first signal sequence represents a substantially random number sequence..Iaddend.

.Iadd.26. In a method of providing security in a signal transmission system, said method including the steps of encrypting in accordance with an encryption control signal a program signal representing information, transmitting said encrypted signal, receiving said encrypted signal, decrypting said received encrypted signal in accordance with a decryption control signal and providing said information represented by said decrypted signal, the improvement comprising:

generating a key number signal representing a key number;
generating a first signal sequence representing a first sequence of numbers;
generating a second signal sequence representing a second sequence of numbers, said second signal sequence being periodically reset by a reset signal comprising a signal of said first signal sequence to thereby generate a plurality of second sequence segments;
providing said second sequence segments to said transmit signal processor as said encryption control signal;
enciphering said first signal sequence with said key number and providing said enciphered first sequence to said transmitter for transmission with said encrypted signal;
decrypting said enciphered first sequence at said receiver in accordance with said key number signal;
generating said second sequence segments at said receiver by resetting a receive number signal generator with a reset signal comprising said deciphered first signal sequence;
providing said second sequence segments to said receive signal processor as said decryption control signal;
enciphering said key number signal at said transmitter with a user identification signal uniquely identifying said receiver;
transmitting said enciphered key number signal to said receiver;
deciphering said enciphered key number signal at said receiver in accordance with said user identification number signal uniquely identifying said receiver; and
providing said deciphered key number signal to said deciphering means.

27. The method as defined in claim 26, further comprising the steps of:

combining said key number signal and a signal in said first sequence to obtain said reset signal in said transmitter; and
combining said key number signal and a signal in said deciphered first sequence in order to obtain said reset signal in said receiver.
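The method of claims 26 and 27, carried through in Python as an added example that is not part of the patent text. HMAC-SHA256 stands in for the encipherer and for the non-linear PN generator, XOR stands in for the signal processor, and the function names, segment length, and the index and period labels are assumptions of this example.

```python
import hashlib
import hmac
import secrets

SEGMENT = 16  # assumed: bytes of program signal covered by one PN reset


def prf(key: bytes, label: bytes, n: int) -> bytes:
    """Stand-in keystream generator: HMAC-SHA256 in counter mode."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, label + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encipher(key: bytes, data: bytes, label: bytes) -> bytes:
    """XOR with a keyed stream; applying it twice deciphers."""
    return xor(data, prf(key, label, len(data)))


def pn_segment(key_number: bytes, random_number: bytes, n: int) -> bytes:
    """One PN segment after a reset with key number combined with random number."""
    return prf(hashlib.sha256(key_number + random_number).digest(), b"pn", n)


def transmit(program: bytes, key_number: bytes, user_ids: dict, period: bytes):
    # Key number enciphered separately under each receiver's ID code.
    key_msgs = {rx: encipher(uid, key_number, b"key" + period)
                for rx, uid in user_ids.items()}
    segments = []
    for n, i in enumerate(range(0, len(program), SEGMENT)):
        rn = secrets.token_bytes(8)  # first sequence: fresh random number per reset
        ct = xor(program[i:i + SEGMENT], pn_segment(key_number, rn, SEGMENT))
        # The segment index in the label keeps the rn keystream from repeating.
        segments.append((encipher(key_number, rn, b"rn" + n.to_bytes(4, "big")), ct))
    return key_msgs, segments


def receive(key_msg: bytes, segments: list, user_id: bytes, period: bytes) -> bytes:
    key_number = encipher(user_id, key_msg, b"key" + period)  # ID code -> key number
    out = b""
    for n, (enc_rn, ct) in enumerate(segments):
        rn = encipher(key_number, enc_rn, b"rn" + n.to_bytes(4, "big"))
        out += xor(ct, pn_segment(key_number, rn, len(ct)))
    return out
```

Nothing in this sketch authenticates the stream: a receiver holding the wrong ID code recovers a wrong key number and outputs noise rather than an error.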

28. The method as defined in any one of claims 26 or 27, further comprising the step of periodically changing said key number signal.

29. The method as defined in claim 28, wherein said second generator means in said transmitter and said generator means in said receiver each generate non-linear pseudo-random signal sequences.

30. The method as defined in claim 29, wherein said first signal sequence represents a substantially random number sequence.

31. A communications system including a transmitter and a receiver, said system comprising:

a program source at said transmitter for providing a program signal representing program information;
first generator means at said transmitter for generating a first sequence of signals representing a first sequence of numbers;
key number means at said transmitter for providing a key number signal representing a key number;
transmit signal processing means at said transmitter responsive to at least said first sequence of signals for encrypting said program signal;
enciphering means at said transmitter for enciphering said first sequence of signals with said key number signal to provide an enciphered first signal sequence;
transmit means at said transmitter for transmitting said encrypted program signal and said enciphered first signal sequence;
means at said receiver for providing said key number signal;
receive deciphering means at said receiver for receiving said enciphered first signal sequence and said key number, deciphering said first signal sequence in accordance with said key number and providing said deciphered first signal sequence as an output; and
receive generating means at said receiver responsive to at least said output of said receive deciphering means for receiving and decrypting said encrypted program signal to obtain said program signal;
wherein said transmit signal processing means includes encryption means for encrypting said program signal in accordance with an encryption control signal, and second generator means at said transmitter for generating a second sequence of signals representing a second sequence of numbers, said second generator means being periodically reset by a reset signal comprising at least the output of said first generator means to thereby generate a plurality of sequence segments each beginning with a reset signal, the output of said second generator means comprising said encryption control signal; and
wherein said reset signal comprises a combination of said key number signal and the output of said first generator means.

32. A method of providing security in a signal transmission system between a transmitter and a receiver, said method comprising the steps of:

providing a program signal representing information;
generating a first sequence of signals representing a first sequence of numbers;
providing a key number signal representing a key number;
encrypting said program signal in accordance with at least said first sequence of signals;
enciphering said first sequence of signals with said key number signal to provide an enciphered first signal sequence;
transmitting said encrypted program signal and said enciphered first signal sequence to said receiver;
providing said key number signal at said receiver;
deciphering said first signal sequence at said receiver in accordance with said key number to obtain a deciphered first signal sequence; and
decrypting said encrypted program signal at said receiver in accordance with at least said deciphered first signal sequence to obtain said program signal;
wherein said step of encrypting said program signal in accordance with at least said first sequence of signals comprises the steps of generating a second sequence of signals representing a second sequence of numbers, said second sequence of signals comprising a plurality of sequence segments each beginning with a reset signal, said reset signal comprising at least said first signal sequence, and encrypting said program signal in accordance with said second sequence of signals; and
wherein said reset signal comprises a combination of said key number signal and said first sequence of signals.

33. A communications system as defined in claim 1, wherein said further signal is fixed during normal operation of said system.

34. A communications system as defined in claim 1, wherein said key number signal is periodically changed.

35. A communications system as defined in claim 34, wherein said key number signal changes at a rate slower than the signals of said first sequence of signals.

36. A method as defined in claim 8, wherein said further signal is fixed during normal operation of said system.

37. A method as defined in claim 8, wherein said step of generating said key number signal comprises periodically changing said key number signal.

38. A method as defined in claim 37, wherein said key number signal is changed at a rate slower than the signals of said first sequence of signals.

39. A communications system as defined in claim 14, wherein said further signal is fixed during normal operation of said system.

40. A communications system as defined in claim 14, wherein said key number signal is periodically changed.

41. A communications system as defined in claim 40, wherein said key number signal changes at a rate slower than the signals of said first sequence of signals.

42. A method as defined in claim 17, wherein said further signal is fixed during normal operation of said system.

43. A method as defined in claim 17, wherein said step of generating said key number signal comprises periodically changing said key number signal.

44. A method as defined in claim 43, wherein said key number signal is changed at a rate slower than the signals of said first sequence of signals.

45. A communications system including a transmitter and a receiver, said system comprising:

a program source at said transmitter for providing a program signal representing program information;
first generator means at said transmitter for generating a first sequence of signals representing a first sequence of numbers common to all receivers receiving said program information;
key number means at said transmitter for providing a key number signal representing a key number common to all receivers receiving said program information;
transmit signal processing means at said transmitter responsive to at least said first sequence of signals for encrypting said program signal;
enciphering means at said transmitter for enciphering said first sequence of signals with said key number signal to provide an enciphered first signal sequence;
transmit means at said transmitter for transmitting said encrypted program signal and said enciphered first signal sequence;
means at said receiver for providing said key number signal;
receive deciphering means at said receiver for receiving said enciphered first signal sequence and said key number, deciphering said first signal sequence in accordance with said key number and providing said deciphered first signal sequence as an output; and
receive generating means at said receiver responsive to at least said output of said receive deciphering means for receiving and decrypting said encrypted program signal to obtain said program signal.

A method of providing security in a signal transmission system between a transmitter and a receiver, said method comprising the steps of:

providing a program signal representing information;
generating a first sequence of signals representing a first sequence of numbers common to all receivers receiving said information;
providing a key number signal representing a key number common to all receivers receiving said information;
encrypting said program signal in accordance with at least said first sequence of signals;
enciphering said first sequence of signals with said key number signal to provide an enciphered first signal sequence;
transmitting said encrypted program signal and said enciphered first signal sequence to said receiver;
providing said key number signal at said receiver;
deciphering said first signal sequence at said receiver in accordance with said key number to obtain a deciphered first signal sequence; and
decrypting said encrypted program signal at said receiver in accordance with said first signal sequence to obtain said program signal.

47. A communications system including a transmitter and a receiver, said system comprising:

a program source at said transmitter for providing a program signal representing program information;
first generator means at said transmitter for generating a first sequence of signals representing a first sequence of numbers changing at least several times per minute;
key number means at said transmitter for providing a key number signal representing a key number;
transmit signal processing means at said transmitter responsive to at least said first sequence of signals for encrypting said program signal;
enciphering means at said transmitter for enciphering said first sequence of signals with said key number signal to provide an enciphered first signal sequence;
transmit means at said transmitter for transmitting said encrypted program signal and said enciphered first signal sequence;
means at said receiver for providing said key number signal;
receive deciphering means at said receiver for receiving said enciphered first signal sequence and said key number, deciphering said first signal sequence in accordance with said key number and providing said deciphered first signal sequence as an output; and
receive generating means at said receiver responsive to at least said output of said receive deciphering means for receiving and decrypting said encrypted program signal to obtain said program signal.

A communications system according to claim 47, wherein the numbers in said first sequence of numbers change approximately once per second.

49. A method of providing security in a signal transmission system between a transmitter and a receiver, said method comprising the steps of:

providing a program signal representing information;
generating a first sequence of signals representing a first sequence of numbers changing at least several times per minute;
providing a key number signal representing a key number;
encrypting said program signal in accordance with at least said first sequence of signals;
enciphering said first sequence of signals with said key number signal to provide an enciphered first signal sequence;
transmitting said encrypted program signal and said enciphered first signal sequence to said receiver;
providing said key number signal at said receiver;
deciphering said first signal sequence at said receiver in accordance with said key number to obtain a deciphered first signal sequence; and
decrypting said encrypted program signal at said receiver in accordance with said first signal sequence to obtain said program signal.

50. A method according to claim 49, wherein the numbers in said first sequence of numbers change approximately once per second.

Patent History
Patent number: RE33189
Type: Grant
Filed: Sep 18, 1989
Date of Patent: Mar 27, 1990
Assignee: Communications Satellite Corporation (Washington, DC)
Inventors: Lin-nan Lee (Potomac, MD), Russell J. Fang (Potomac, MD)
Primary Examiner: Salvatore Cangialosi
Law Firm: Sughrue, Mion, Zinn, Macpeak & Seas
Application Number: 7/409,955
Classifications
Current U.S. Class: 380/20; 380/21; Plural Generators (380/47)
International Classification: H04L 902; H04K 102;