| Nagravision SA Patent applications |
| Patent application number | Title | Published |
|---|
| 20120127672 | INTERFACE BETWEEN A SECURITY MODULE AND A HOST DEVICE - The present invention may be deployed in a system comprising a security module housed on a chip card and a host device comprising a chip card reader. The host device is comprised in a housing with a slot for the chip card. The housing is shielded to reduce the amount of electromagnetic radiation generated by the security module and/or the host device from penetrating to the exterior of the housing. Similarly, the shielding is adapted to reduce the effects of electromagnetic radiation generated outside of the host device on the components within the housing. The slot is also shielded by a flap made of an electrically conductive epoxy material or an electrically conductive resin. | 05-24-2012 |
| 20120126009 | METHOD AND APPARATUS FOR COMMUNICATING BETWEEN A SECURITY MODULE AND A HOST DEVICE - The present invention may be deployed in an interface between a security module (CH) housed on a chip card (CC) and a host device (HST) comprising a chip card reader (RDR). In the case where the security module (CH) operates at frequencies which are high enough to generate unwanted electromagnetic interference, the invention allows for a substantial reduction in such interference by providing a converter module (CVT) which allows the host device to operate at lower frequencies while a limited number of short, shielded connections are used to interface with the security module (CH). | 05-24-2012 |
| 20120106741 | METHOD FOR CREATING AN ENHANDED DATA STREAM - The present invention provides a method for secure communication of digital information between a transmission entity and at least one reception entity. The method may be applied in the domain of audio/video data transmission, where stuffing data packets comprising random payloads are inserted into a transport stream along with true data packets comprising the audio/video data. The dummy data packets are detectable by an authorized reception entity but not detectable by unauthorized reception entities. A large number of stuffing data packets are included in the transmission to occupy bandwidth and to further render the job difficult for an unauthorized reception entity which tries to intercept the transmission. | 05-03-2012 |
| 20120036538 | Method for sharing data and synchronizing broadcast data with additional information - A method for sharing data and synchronizing broadcast data with additional information, the broadcast data and the additional information being provided by at least two distinct sources to a multimedia device. The method comprises steps of:
| 02-09-2012 |
| 20120023055 | System and method for multi-source semantic content exploration on a TV receiver set - The present invention refers to the field of metadata enhancement system for broadcast televisions program, in particular to provide to the customer more information about a current, past or future broadcast. It concerns a method to enhance transmitted contents, said method starting from the metadata to populate a knowledge database. This method is based on a iterative process to fetch information from open Internet using as search criteria the result of the previous search. The data in the knowledge database are organized in data triple. According to one embodiment, the iterative process is stops when the returned data are related to another content. | 01-26-2012 |
| 20120017235 | System and method to prevent manipulation of transmitted video data - The aim of the invention is to provide a solution to ensure that the content sent by the IRD is the content effectively displayed on the screen. | 01-19-2012 |
| 20120017233 | System and method to prevent manipulation of transmitted video data - The aim of the invention is to provide a solution to ensure that the content sent by the IRD is the content effectively displayed on the screen. | 01-19-2012 |
| 20120008779 | METHOD FOR SECURE TRANSFER OF MESSAGES - The present invention may be deployed in a system for broadcast of conditional access content where it is desirable to detect and take action against receiver equipment which has been used in a control word sharing activity. By requiring that receiver equipment used in the system send a message to a broadcaster of conditional access content at a precise time, the invention provides a method for the server to detect receiver equipment involved in control word sharing activity and to inhibit that receiver's ability to further access the content. | 01-12-2012 |
| 20120008774 | Method and device to enhance video content - A multifunction device for television set and a method to enhance video content provided to a display device of said television set. The multifunction device comprises an input for receiving audio/video data from an audio/video content data source, an output for outputting audio/video data to the display device, and communication means for accessing Internet or a local area network for collecting additional data. The multifunction device being connected and powered by a common interface of the display device further comprises image processing means configured for receiving first image data from the input, a converter configured for receiving additional data from Internet or a local area network and for converting said additional data into additional image data, an image merging module configured for combining said additional image data with all or part of the input first image data to obtain second image data to be forwarded to the output connected to the display device. | 01-12-2012 |
| 20110314491 | METHOD FOR ACCESSING GOODS OR SERVICES FOLLOWING AN ACTION PERFORMED BY A VIEWER OF BROADCAST PROGRAM CONTENT - A method is described for rewarding a viewer of a broadcast program in exchange for the viewer proving his presence at the time that certain program content is being broadcast. The method involves the use of running an application in a television environment, said application displaying a graphic inviting the viewer to intervene in some manner and to subsequently log the viewer's intervention, thereby documenting his viewing activity. The method further allows for the convenient and mobile reporting of the status of a log of the viewer's viewing activity. Finally, the method allows for the convenient and flexible redemption of accrued credit, as documented in the viewing log, against goods and/or services. | 12-22-2011 |
| 20110307725 | METHOD TO MANAGE THE POWER SETTING OF A RECEIVER/DECODER FOR PAY-TV - A method to manage the power setting of a receiver/decoder for pay-TV comprising a timer and means to receive management messages, the power setting comprising at least three states, the active state during which the reception and the decoder is active, the active/standby state during which the receiver is active for the reception of management messages and the standby state during which the receiver/decoder is in idle mode. | 12-15-2011 |
| 20110302427 | METHOD FOR ACTIVATING AT LEAST A FUNCTION ON A CHIPSET AND CHIPSET FOR THE IMPLEMENTATION OF THE METHOD - A method for activating a function of a chipset comprising at least a memory and a calculation module in charge of cryptographic operations, the memory containing at least a seed and the calculation module containing at least one cryptographic algorithm, the method comprising the steps of: receiving at least one of a segmentation key, a global key and a global cryptographic algorithm selector; transmitting at least two items selected from the group consisting of the seed, the received segmentation key, the global key and the global cryptographic algorithm selector, to the calculation module, each of the items being provided by different entities; generating in the calculation module, a temporary key by using one of said at least one cryptographic algorithm of the calculation module and at least the two items; and verifying an authenticity of a received activation message using the temporary key and controlling activation based on the verification. | 12-08-2011 |
| 20110293091 | Method and apparatus for decrypting encrypted content - The present invention provides a method for decrypting encrypted content transmitted from an operator to a plurality of users where said operator further provides security information allowing for the decryption of said content. The method has the advantage of satisfying the goal of providing the capability for detecting a fraudulent user who retransmits control words extracted from the security information to other users. The method provides for the achievement of the goal without incurring extra overhead in addition to the transmitted content and security information. The method makes use of control words which are based on multiple solutions provided by collisions in mathematical functions and involves the observation of choices of control words retransmitted by the fraudulent user. | 12-01-2011 |
| 20110249814 | DEVICE AND A METHOD FOR PERFORMING A CRYPTOGRAPHIC FUNCTION - The present invention provides a method and an apparatus for encrypting and decrypting digital information while imparting a high level of security on the encrypted digital information. A mixed-mode digital-analogue encryption and decryption technique is proposed, which minimises the probability of an unintended recipient of the thus encrypted information being able to decrypt the information using known reverse engineering techniques. | 10-13-2011 |
| 20110231709 | Method for checking data consistency in a system on chip - The invention aims to provide a method and a system on chip able to detect at once hardware and software errors to prevent manipulations for retrieving cryptographic keys, inserting or suppressing instructions to bypass security processes, modifying programs or memory content etc. The system on chip comprises a core including at least two processors, registers, and a data consistency check module. The core is connected to at least one set of memories containing zones for instructions of a first program and of a second program, said instructions being to be executed respectively by the first and second processor, which respectively produce and store result data into the registers and the memories. The data consistency check module is configured to verify conformity of the produced result data by comparing a test result obtained by carrying out a predetermined function F over one of the first or second result data with the corresponding second or first result data and to continue execution of instructions of each program when the comparison is successful, or stop execution when the comparison shows an error. | 09-22-2011 |
| 20110213790 | METHOD FOR NOTIFYING A USER ABOUT A BROADCAST EVENT - A method for notifying a user about a broadcast event comprises the steps of receiving at a management center at least one user keyword; receiving at the management center an identifier of at least one user unit, said at least one user unit being linked to the user; in the management center, determining a set of broadcast data linked to broadcast events; forming a query containing data identifying at least a subset of the set of broadcast data and at least one user keyword; sending said query to a plurality of data sources; receiving at the management center a response to the query, the response indentifying at least one event; transmitting a notification containing an identifier of the at least one present or future event in said response and the identifier of the user unit so that the user unit may notify the user of the events in the response. | 09-01-2011 |
| 20110188655 | METHOD TO MANAGE MEMBERS OF AT LEAST ONE GROUP OF DECODERS HAVING ACCESS TO BROADCAST DATA - A method to manage members of a group of decoders having access to broadcast data, each group member sharing a common broadcast encryption scheme (BES) comprising the steps of, in a stage for a decoder to become a group member, receiving keys pertaining to the position in the group according to the BES, receiving a current group access data comprising a current group access key, and in a stage of accessing broadcast data, using the current group access data to access the broadcast data, and in a stage of renewing the current group access key, sending a first group message comprising at least a net group access key encrypted so that only non revoked decoders can access it, said group message being further encrypted by the current group access key, updating the current group access key with the next group access key. | 08-04-2011 |
| 20110164747 | METHOD TO ENFORCE BY A MANAGEMENT CENTER THE ACCESS RULES FOR A BROADCAST PRODUCT - A method to enforce by a management center access rules for a broadcast product accessed by an access key, the management center managing a plurality of Boolean positive and negative attributes, comprising the steps: associating one positive Boolean attribute to a receiver entitled to the attribute and loading the same; associating one negative Boolean attribute to a receiver not entitled to the attribute and loading the same; defining at least a second broadcast encryption scheme for the negative Boolean attributes and associating each negative Boolean attribute corresponding decryption key material; expressing access conditions on a product as a Boolean expression by combining at least one positive Boolean attribute and at least one negative Boolean attribute by at least one Boolean conjunction or disjunction; generating and broadcasting at least one cryptogram to a receiver, encrypting the access key with the two combined broadcast encryption schemes according to the Boolean expression. | 07-07-2011 |
| 20110154042 | METHOD AND PROCESSING UNIT FOR SECURE PROCESSING OF ACCESS CONTROLLED AUDIO/VIDEO DATA - A method based on access conditions verification performed by two conditional access devices consecutively on a control message before releasing a control word to a descrambler. The control message encapsulates a second part including another control message. The processing unit for carrying out the method comprises a first conditional access device connected to a second conditional access device provided with a descrambler and a secured processor or secured hardware logic. The control message and the second part are each encrypted and accompanied by respectively first and second authentication data. The first conditional access device decrypts and verifies integrity of the control message, verifies the first access conditions and transmits the second part to the second access control device. The second conditional access device decrypts and verifies integrity of the second part and further verifies the second access conditions, and releases and loads the control word into the descrambler. | 06-23-2011 |
| 20110131389 | METHOD FOR UPDATING DATA IN MEMORIES USING A MEMORY MANAGEMENT UNIT - A method for updating, in the background, data stored in physical memories without affecting the current operations performed by the microprocessor. When the update is completely terminated, the application switches from an old version to a new version. This switching occurs by a reconfiguration of the page table during which a first sub-tree structure of pointers accessing the old version of data stored in memories is replaced by a second sub-tree structure of pointers thus allowing access to the new version of data. This update method prevents incoherent transitory states of the system as the latter works with the previous data version until the installation of the new version becomes usable. In the case of an interruption to the update process, the application can always reinitialize the update since the old version of data can be reactivated by returning to the previous configuration of the page table. | 06-02-2011 |
| 20110099567 | METHOD FOR THE ALLOCATION AND MANAGEMENT OF SUBSCRIPTIONS FOR THE RECEPTION OF BROADCAST PRODUCTS - A method to reduce bandwidth necessary for renewal of subscriptions for reception of broadcast services including: defining a plurality of sets of subscriber identification numbers, each set being associated with a product; splitting a set of subscriber identification numbers into groups of subscribers; searching for an available subscriber identification number related to the desired product at the time of initialization of a new subscriber; confirming that an inhibit duration has elapsed between the end of the previous subscription and the start of the new subscription; sending an initialization message to the new subscriber addressed with his unique identification address and containing the subscriber identification number of, and rights to, his product; preparing a group rights renewal message for the product to the group containing the subscriber identification number, this message comprising the group header containing this subscriber and a compressed bitmap allowing to individually address each of the group members. | 04-28-2011 |
| 20110099364 | Method for accessing services by a user unit - The invention concerns a method for accessing services by a user unit, said services being a subset of all services broadcast by a management center and comprising at least two services, said subset of services defining a package, each service being simultaneously broadcast and containing audio/video data, the data of a service being encrypted by at least one control word, the method comprising the steps of:
| 04-28-2011 |
| 20110078722 | METHOD FOR DISPLAYING ENHANCED VIDEO CONTENT - The present invention provides a solution to the problem of displaying enhanced video content from a remote server in situations where a connection to the remote server provides inadequate bandwidth to be able to do so. One solution involves pre-storing the enhanced video content locally, receiving a broadcast of a default format version of the enhanced content and displaying the enhanced content instead of the default format content. The present invention also provides a means for ensuring that such pre-stored content is only viewed at a predefined time and by viewers who are authorised to do so. | 03-31-2011 |
| 20110075843 | UNIT AND METHOD FOR SECURE PROCESSING OF ACCESS CONTROLLED AUDIO/VIDEO DATA - Unit for secure processing access controlled audio/video data capable of receiving control messages(ECM) comprising at least one first control word (CW | 03-31-2011 |
| 20100310068 | METHOD FOR MONITORING EXECUTION OF DATA PROCESSING PROGRAM INSTRUCTIONS IN A SECURITY MODULE - A method for monitoring execution of a sequence of data processing program instructions in a security module associated to a multimedia unit connected to a managing center supplying control messages authorizing access to broadcast data streams. The security module comprises a processor for executing the instructions, a memory, and a monitoring module for analyzing the instructions before execution by the processor. The managing center comprises a security module emulator generating reference data sets by executing a sequence of instructions induced by data of a given control message in the program. The reference data sets are appended to control messages sent to the security module. The monitoring module analyzes a sequence of program instructions for determining a check data set which is compared with a reference data set received from the control messages. When the reference and check data sets match, the program continues executing. Otherwise, further control message processing stops. | 12-09-2010 |
| 20100299528 | METHOD FOR PROVIDING ACCESS CONTROL TO MEDIA SERVICES - The present invention proposes a solution to prevent a program flow in a processing unit from being modified with respect to an intended program flow, thereby ensuring that important steps such as verifying or authenticating are not bypassed. The invention is particularly aimed at security modules within receiver/decoders in a pay-TV system and involves performing a set of predetermined operations during the processing of entitlement management messages and/or entitlement control messages, said operations being redundant with respect to the normal processing of said messages while leading to the calculation of keys which can then be used to verify that the intended program flow has been respected. | 11-25-2010 |
| 20100293098 | PROCESS FOR CARRYING OUT A TRANSACTION BETWEEN A PAYMENT MODULE AND A SECURITY MODULE - This invention relates to a process for carrying out a transaction between a payment module and a security module connected to a user's unit, this process being characterized in that it comprises the following steps: entering an identifier representative of the transaction to be carried out by means of an input device; generating by the user's unit, a control message containing at least a representative code of said transaction and an identifier of the security module requiring the transaction; sending said control message to said payment module (PP); verifying in said payment module whether it is entitled to carry out the desired transaction; if the payment module is entitled to carry out this transaction, execution of the transaction, storage of the result of the transaction in said payment module and generation by the payment module, of a receipt relating to the desired transaction and to the related security module; sending said receipt to a management centre; sending an unlocking code to the security module (SC) by the management centre; registering the transaction in said security module. | 11-18-2010 |
| 20100272267 | METHOD TO SECURE ACCESS TO AUDIO/VIDEO CONTENT IN A DECODING UNIT - The present invention concerns the generation of a key necessary to decrypt audio/video contents by genuine decoding units. It concerns in particular a method to secure the reception of a broadcast content managed by a control center and encrypted by at least one content key, said content key or a data allowing to recover said content key being transmitted to the decoding units encrypted by a transmission key common to the decoding units, each decoding unit having at least one environment parameter known by the control center, said decoding unit receiving from the control center a first message common to all decoding units and comprising the encrypted transmission key and a second message, pertaining to said decoding unit and comprising correction data dedicated to said decoding unit, the decryption of the transmission key being made using the environment parameter and the correction data. | 10-28-2010 |
| 20100268964 | METHOD FOR EVALUATING USER'S RIGHTS STORED IN A SECURITY MODULE - The aim of the present invention consists of reducing the switching time from one reception channel to another. In fact, this reduction will be particularly discernable since the number of different rights stored in a security module of a multimedia unit or decoder is high. When a user selects a service among those proposed by an electronic programs guide, an access control module explores a stored service information table in order to extract an access condition associated to the service. This access condition allows determining an index in a rights table stored in the access control module of a right that fulfils the access condition. The access control module transmits to the security module the index thus determined alone or accompanied by a control message. This index allows the security module to find quickly the right that it compares afterwards with the access condition included in the control message after decryption of the latter. | 10-21-2010 |
| 20100088229 | VALUE MANAGEMENT METHOD IN A PREPAID DEVICE - A method to secure a prepaid device for access to audio/video content having the possibility of reimbursement of the unused balance upon presentation of the aforementioned device to a control center by managing an account value in the prepaid device, the prepaid device including an identifier unique to each device and a control value, the method comprising: receiving of a request to modify the account value by an amount; calculating a new account value by modifying the account value by the amount, determining a number of steps, the number of steps being determined according to a function expressing the modification of the new account value relative to the account value; and modifying the control value by executing at least one one-way function on said control value a number of times equal to the number of steps. | 04-08-2010 |
| 20100077390 | METHOD FOR UPDATING AND MANAGING AN AUDIOVISUAL DATA PROCESSING APPLICATION INCLUDED IN A MULTIMEDIA UNIT BY MEANS OF A CONDITIONAL ACCESS MODULE - A method to force a multimedia unit to update an application for viewing broadcast conditional access content by linking said update to an update of the conditional access module firmware. The firmware update is initialized by means of version information transmitted in the content stream. In particular, this version information may be included in ECM or EMM messages or in services information tables in order to be processed by the conditional access module independently from the multimedia unit. The version information comprises of a minimum version and of an available maximum version. If the conditional access module detects that the current version of the firmware is inferior to the available maximum version, it transmits a message requesting an update of the application that initiates downloading a firmware updating from a management center. The update installation is carried out simultaneously in the conditional access module and in the multimedia unit. | 03-25-2010 |
| 20100061554 | METHOD FOR THE ALLOCATION AND MANAGEMENT OF SUBSCRIPTIONS FOR THE RECEPTION OF BROADCAST PRODUCTS - A method to reduce the bandwidth for the renewal of subscriptions includes: A) defining a maximum length for a message, B) defining a command for security modules, C) forming a message comprising the command, D) filling the message with a starting address and a range E) determining a remaining length in the message, F) defining a bitmap of variable length, G) starting at identification address equal to the starting address and initializing an index value and the bitmap length, H) updating the bitmap bit for the security module pertaining to the identification address to activate/deactivate the command, I) compressing the bitmap, J) when the compressed bitmap length is smaller than the remaining size in the message, updating the index value, the bitmap length and the identification address and re-executing the steps H to J, K) updating the range with the index value and filling the message with the bitmap. | 03-11-2010 |
| 20100011387 | METHOD FOR VALIDATING ACCESS TO A PRODUCT BY MEANS OF A SECURITY MODULE - A method for validating access to a product by a security module associated with a user unit unidirectionally connected to a managing center MC transmitting management messages being generated following the receipt of a request for an access right to the product, said method comprises the steps of purchasing a product, determining a code representing the product, displaying said code on a display device, transmitting to the MC, a request comprising said code and an security module identifier, transmitting a right confirmation message addressed to the user unit associated with said security module, wherein, at purchasing of the product, a temporary right is registered in the security module, said temporary right being replaced by a definitive right by the right confirmation message received from the MC, said definitive right authorizing the access to the purchased product by debiting the value amount associated with said product. | 01-14-2010 |
| 20090325576 | METHOD OF LOCAL CONDITIONAL ACCESS FOR MOBILE EQUIPMENT - A method for conditional access to a digital data stream encrypted with at least one control word and broadcasted to at least one mobile device, said transmitter also transmitting a control message stream containing control words and access conditions, said mobile device being connected to a mobile communication network via a mobile access point, comprises: receiving the control message stream by the mobile device; determining a location identifier for the said mobile device by either the identifier of the mobile access point or the identifier of the broadcasting network transmitter; verifying access conditions contained in the control message, said access conditions comprising a reception condition related to a mobile access point identifier and/or an identifier of one broadcasting network transmitter; comparing the determined identifier with the identifier(s) contained in the access conditions; and authorizing or blocking the access to said data stream depending on the result of the comparison. | 12-31-2009 |
| 20090319741 | SECURE MEMORY MANAGEMENT SYSTEM AND METHOD - The present invention describes a system and a method for securely loading digital information from a storage device into a memory module in a data processing system, said data processing system comprising at least one storage device, one memory module and at least one processor, said data processing system further comprising a memory access controller module connected between the processor and the memory module, and a secure memory management module connected to the processor, the memory module, the storage device and the memory access controller. Requests by the processor for data are passed to the secure memory management module, which loads the data from the storage device to the memory module and configures the memory access controller such that the processor will have access to the data. | 12-24-2009 |
| 20090254996 | Security module for audio/video data processing unit - The aim of the present invention is to limit the impact of security breaches, which are the emulators of the security module. This aim is reached by a processing unit of audio/video digital conditional access data, encrypted by control words, responsible for processing security messages containing at least one cryptogram relative to a control word and one instruction relative to the control word, characterised in that it includes means to receive at least two micro programs by security messages, executable by the security module, said security module comprising means to store at least two micro programs and means to receive an instruction contained in the security message, for selecting the micro program indicated by the instruction, for executing the said micro program with at least the cryptogram as a parameter of execution, this execution allowing the calculation of the control word to be sent back to the audio/video processing unit. | 10-08-2009 |
| 20090185686 | METHOD TO TRACE TRACEABLE PARTS OF ORIGINAL PRIVATE KEYS IN A PUBLIC-KEY CRYPTOSYSTEM - The aim of the present invention is to propose a very fast alternative mechanism to the traitor tracing algorithm introduced by Boneh and Franklin to trace private keys in a public-key cryptosystem. This invention concerns a method to trace traceable parts of original private keys in a public-key cryptosystem consisting of one public key and l corresponding private keys, a private key being formed by a traceable array of 2 | 07-23-2009 |
| 20090185676 | METHOD TO GENERATE A PRIVATE KEY IN A BONEH-FRANKLIN SCHEME - The aim of the present invention is to propose an alternative scheme to the classical Boneh-Franklin scheme in order to simplify the generation and the use of the asymmetric keys. | 07-23-2009 |
| 20090138701 | METHOD FOR RECORDING AND RESTORING A CIPHERED CONTENT BY A PROCESSING UNIT - A method of operating by a second processing unit a content recorded by a first processing unit, said first and second processing units having a specific key being managed by a central server. The processing units have access to a removable storage memory intended to record a content ciphered by a content key accompanied by a file associated to the content. The content key is produced by means of a cascaded deciphering starting from the specific key of the first unit of at least two constants provided by the central server and a variable. The content is restored by the second processing unit by means of a cascaded deciphering starting from the specific key of the second unit by using the constants and the variable stored in the file accompanying the content and a transcoding key calculated by the central server. | 05-28-2009 |
| 20080250444 | Method For Processing Conditional Access Contents By A User Unit - A method allows a broadcasted conditional access content accessible at the time of transmission to be also accessible at a later time thanks to intermediate storage on a hard disk of a user unit. The processing method includes the steps of receiving at the user unit a data stream encrypted by at least one control word, at least one control message stream containing the control words, forming an index file, each index comprising an identifier of a control message formed by the extraction of data associated to the control messages and an identifier of the part of the content to which the control message is applied; and, at the time of the deferred processing of the content, extracting at least one part of the control messages and resynchronizing the content with the control messages by the use of the index file, the identifier of the control message allowing the selection of the current control message from a set of control messages at the time of the exploitation of the content identified by the identifier of the part of the content related to this control message. | 10-09-2008 |
| 20080219643 | METHOD TO CONTROL THE ACCESS TO CONDITIONAL ACCESS AUDIO/VIDEO CONTENT - The present invention aims at solving the financial revenue loss due to the presence of digital video recorders that allow skipping the commercial breaks. | 09-11-2008 |
