CA2184679C - Apparatus and method for establishing a cryptographic link between elements of a system - Google Patents

Abstract

A secure cryptographic network is established among operational units in a system. A public key cryptosystem is initially used to establish secure communication links. Then, each secure communication link will be provided with a unique private encryption key from a private key cryptosystem. Every operational unit in the system will comprise a secure chip integrated circuit. These secure chips will comprise a programmable processor and a read--only memory. A plurality of personalization stations are used to provide each secure chip with a public/private encryption or signature key pair. The secure chips will execute a program from the read-only memory on the secure chips to verify that the public/private key pair has been received from an authorized source. Each secure chip will also be provided with a chain of authentication certificates originating from a trusted authority. The public signature key of the trusted authority will be programmed into the read-only memory of the secure chip, for reliable access to this information. When establishing a secure communication link between two operational units, each of the operational units will authenticate the other operational unit by verifying content and source of each of the authentication certificates in the respective chains.

Description

APPARATUS AND METHOD FOR ESTABLISHING A
CRYPTOGRAPHIC LINK BETWEEN ELEMENTS OF A SYSTEM
Background of the Invention Field of the Invention The present invention is in the field of cryptographic methods for establishing a cryptographic link for communication of information between elements of a system. In particular, the present invention relates to a system and method for exchanging cryptographic keys between elements in a system to create a cryptographic network where each element of the system authenticates the other elements of the system with which it will communicate.

Description of the Related Art A cryptographic system typically involves the application of an encryption algorithm to a plain text message to create cipher text, which cannot be understood without performing a corresponding decryption function. A
relatively simple cryptosystem utilizes the same algorithm for both encryption and decryption functions. Using such a system requires that the algorithm be disseminated to elements of the system, without disclosing the algorithm to outsiders.
A slightly more sophisticated cryptographic system will typically involve an algorithm that operates on a key to encrypt or decrypt messages, so that an outsider cannot decrypt a message without determining both the algorithm and the key. In such a system, selecting a new key is typically much easier than selecting a new algorithm.

Thus, if the security of the system has been compromised, a secure path can be reestablished by securely transferring a new key, without having to develop a new algorithm. Hence, the security of the system does not rely on the privacy of the algorithm. A cryptosystem of this type will be referred to as a private key cryptosystem. One such system, the "DES" system, is disclosed in the "Data Encryption Standard," Federal Information Processing Standards Publication No. 46, January 15, 1977. Use of these private key systems, however, still requires that a key be privately communicated between elements of the system, which typically requires costly and time-consuming measures to ensure that outsiders do not intercept a message containing a new key.

A public key cryptosystem provides a secure link without having to privately transfer keys among elements of the system. Such a system involves a pair of inverse transformations for encrypting and decrypting a message.
Applying one of the transformations to ciphertext that has been encrypted by the other transformation will yield the original plain text message. Again, each of the transformations can involve the application of a common algorithm to a unique key to provide a unique transformation. Thus, a first algorithm and a first key combine to form a first transformation, while a second algorithm and a second key form a second transformation, where the two transformations are inverse functions.
In a public key cryptosystem, each element in the system will have a pair of keys that, along with the appropriate algorithms, provide the inverse functions of encryption and decryption. One of the keys, the public key, is distributed to other elements in the system, without taking any measures to prevent outsiders from acquiring the key. The other key, the private key, is retained by the element to which the keys belong, and this key should not be disclosed for any reason. Thus, neither of the keys have to be privately communicated to other elements of the system. The algorithms and keys used in such a cryptosystem must be selected to render infeasible the determination of a private key, based on knowledge of the corresponding public key. The prior art discloses several thoroughly tested public key cryptosystems that meet these requirements. For example, U.S. Patent No.

4,405,829, issued to Rivest, et al., discloses a well-known public key cryptosystem commonly referred to as the RSA cryptosystem.
To further explain the use of a public key cryptosystem, suppose that elements A and B desire to establish a secure link. Element A will generate a public/private key pair, transmit the public key to element B, and retain the private key to itself. Element B will generate its own public/private key pair, transmit its public key to element A, and retain its own private key. If element A now wants to send a private message to element B, element A will encrypt a plaintext message using the public key of element B. The resulting ciphertext can only be decrypted by using element B's private key. Because only element B has this private key, only element B can decrypt the ciphertext to obtain the original message. In the same manner, element B can send a private message to element A by encrypting the message with element A's public key. Thus, elements A and B have established a secure link by swapping public keys.

The above description of the use of a public key cryptosystem allows for private transfer of messages between elements of a system. Another use of a public key cryptosystem allows elements of a system to verify the source of a message. In the above example, if element A
encrypts a message with its own private key and sends the -3a-message to element B, then element B can verify that the message came from element A by applying A's public key to decrypt the message. Any message that can be decrypted using A's public key must have been encrypted by A because only A has the corresponding private key. This use of a public key cryptosystem is called a digital signature system. Several public key cryptosystems have been developed specifically for this purpose. For example, the Digital Signature Standard (DSS), which is published by the National Institute of Standards and Technology (FIPS
PUB XX, February 1, 1993), describes one such system.
The two uses of public key cryptosystems described above can be referred to as "privacy" and "authentication," respectively. Both of these uses are subject to an ~ r f'.
~ 1 t~4~: ~
4_ important limitation. The privacy and authentication objectives can only be achieved :i.1.`; an element obtains the correct public key for the element wiLh which it wishes to communicate. In the example described above, an outsider X may pretend t;c:> be a true element "f the system, element C for example, and send a public key to element A. Element A, believing the outs:i.der;. to be t~:lerrien.t C, may send its public key to the outside.r X. Then, if element A intends to send a private r.nessage to e1ement C, element A will encrypt the plaintext message us:i.r. g the publ:ic,, key of the outsider X, believing it to be the public key of element C.
Element A will then transmit the ciphertext to the outsider X, again believing the outsider X. to be element C. Thus, the outsider can simply apply i t: s own private key to decipher the cipher text. In addition, outsider X can sign a message with its own private key and send the message to element A. Element A w.i.li. apply the public key of outsider X, believing it to be the public key of element C. Because the keys will correspond, element A will believe t:hat the message was signed by element. C.
One solution to the above-described problem with public key crypt:osysr.ems i.nvolves the use of certificates generated by a mutually trusted aut::.hority. In the example described above, assume _hat eac11 of,: the elements of the system will trust an authori.ty T to recognize the different elements of the system. Eac1 ,, of the e_i.ements of the system can become authenticated by the authority T. 'To obtain authentication, element A will provide its public key to the authoritgr T. After izat, the public key belongs to element A, the authority T will sign, using its own private key, a message cont:.a.i ning the public key of element A. The authority T wi~~.il t.hen provide this signed message, in the fol:m or a c_~ert:::i.i::i.cate, to element A.
Element A. can now provide the c,:ert i.:E ic.ate to other elements of the system co prove that its public key was recognized by the authority T.
When attempting to establish a secure link with another element, for example, c>.lecren.t B, element A will 84t~ 79 , E'~....

transmit the certificate to elemer.t B. Element B will use the public key of the ~~.uthority `[' to decrypt the certificate and verify ttica key of element A. Now, as long as element B can t.rust- t.he de(-isi.on by authority T
to authenticate the public key of eJ.eenerlt A, element B can trust the result .a of' US.iri(:.; tYie pu.:k:jl i.c.~ key of elefnent A for privacy and authentication functiozzs. However, if element B does not have the t::r. ue pub1. i+,:, Key of the ai.z1::.hority T, then the security of: the syst.em naciy also be compromised.
This is an important weakness in many existing cryptosystems.
In, theory, a private key cryptosystem can serve the functions of privacy and authentication very well.
However, in practice, many ilxlx:}..t.en'lentat V.ons of these systems have been compromised. Pirates are often very sophisticated and will o:~_ten go to gz eat: lengths to break into a cryptosystem. Many i.fflp=l.emerit:at-,Lons of cry:)tographic systems have utilized expensive security measures to safeguard against pi.rate::> .. For examp-i E,, systems are often set up to require that twcD cpec:. fi.c people be present simultaneously to perforrrt certain :aen::aitive functions. In many situations, howe.ver, measures, would be prohibitively expensive. Cc.Ensequently, many systems for which the market dc=)es not j_zst.:if_,,, sl:ich expenditures are vulnerable to pirate at.taCck.s.
In addition, a public key cryptosystem will only be secure, even i.1 theory, i. t~ cc}mput:. i. rig a privat:e key, based on knowledge of a c:r.x e.spor~c~inc~ public key, is computationally infeasibie. A-ithougli the prior art discloses several syst(.>.rns 1-hat.: ha-\7e been thorougha.y tested, and appear to sat:;isfy this requirement, these systems also require substantial processing cwapabilities to (.)riginally generate a publ ic/pr.ivate key 1)~f,:oviding thc:: r.equired processing capabiliti.es c.,A.n agair; be prohibitively expensive, especially whc:.rx a. 1..arga r.um.ber of public key pairs is required for a 1~irge numbFar of units in a system.
There is a rleed in the cryptograp1iy i.ndustry for a secure, but relatively inexpensive r.:.:r:,yptotJ.R:-ap}aic system.

Summary of the Invention In accordance with one aspect of the invention there is provided a method and apparatus for establishing a cryptographic network among a plurality of operational units in a system. In addition to the operational units, the system also comprises cryptographic units for establishing the cryptographic network. These cryptographic units comprise a master key station (MKS), an MKS registration station (MKS-RS), an MKS

personalization station (MKS-PS) and a personalization station (PS). At least one of the operational units in the system will function as a registration station (RS).
Typically there will be a number of PSs and a number of RSs distributed throughout a system. There may also be a separate operational unit associated with an RS, for which the RS performs registrations. Every unit in the system, except possibly the MKS, comprises a secure chip integrated circuit, which, in turn, comprises a programmable processor and a read-only memory (ROM) . The method of the present invention generally involves an initialization of the MKS, a personalization of each of the secure chips that will be used in the system, and a registration of the operational units in the system.

In one aspect the MKS functions as a trusted authority and directly or indirectly authenticates every secure chip in the system. The MKS, along with the MKS-PS
and the MKS-RS, will typically be located in a very secure environment. First, the MKS generates a public/private signature key pair for its own use, designated the MKS
public signature key and the MKS private signature key.
The MKS public signature key is programmed into the ROM of each secure chip when the secure chips are manufactured, so that each secure chip will have reliable access to the MKS public signature key.

The MKS may personaliz the secure chips for the PS, the MKS-PS and the MKS-RS. During personalization, a personalizing unit, such as the MKS here, provides the secure chip with a public/private signature key pair, designated the SC public signature key and the SC private signature key. The personalizing unit also provides the secure chip with an authentication certificate. An authentication certificate generally contains the SC
public signature key and a message indicating the functions that the secure chip has been authorized to perform by the personalizing unit. Finally, the certificate is also signed by the personalizing unit.

After personalizing the secure chip, the personalizing unit deletes any copy of the SC private signature key that the personalizing unit has retained. During personalization, the secure chip that is being personalized will execute a program that is contained within the ROM on the secure chip. The execution of this program will verify that the secure chip is being personalized by an authorized personalizing unit. If the personalizing unit is not authorized, then the secure chip will abandon the personalization process. After a secure chip has been successfully personalized, then the secure chip will execute a software locking routine that will prevent any future tampering with the information that has been received by the secure chip during the personalization process. The MKS authorizes the MKS-PS
and the PS to personalize other secure chips; and the MKS
authorizes the MKS-RS to register operational units. When the secure chips for the PS, the MKS-PS and the MKS-RS

have been personalized, then these units can be assembled.
Electronic links can be established between these units and the MKS. Then all four of these units can begin to operate.

The MKS-PS and the PS may personalize the remaining secure chips to be used in the system. Most of the secure chips will typically be personalized by the PS (or the multiple PSs). This can reduce the cost of the personalization process because the secure chips will not all have to be transported to a single location for personalization. Generally, the MKS-PS will only be used to personalize the secure chips of the operational units that are most sensitive to pirate attacks, including the RS. A similar rationale applies to the determination as to whether the MKS-RS or the RS (or the multiple RSs) will register an operational unit. The personalization process performed by the MKS-PS will be similar to the personalization described above relative to the MKS. The personalization process performed by the PS will also be similar to that performed by the MKS, except that the secure chips will also be provided with a public/private encryption key pair, designated the public rekey key and the private rekey key. The public rekey key is included in the authentication certificate, along with the SC
public signature key.

After all of the secure chips have been personalized, then all of the operational units may be assembled and electronic links can be established between these operational units. However, the operational units will typically not be able to fully operate until some or all of the operational units have registered with either the RS or the MKS-RS.

During registration of these operational units, the unit being registered (the subject of registration) may provide its public rekey key and a chain of authentication certificates to the registering unit. The chain of certificates will comprise one certificate from the MKS, authenticating the PS, and one certificate from the PS, authenticating the subject. The registering unit will authenticate the subject by verifying the content and source of these certificates. Next, the registering unit will generate a private encryption key, designated a CSKEY, or a package of several keys, that will be unique to the subject of the registration. The registering unit will encrypt this CSKEY using the subject's public rekey key. The registering unit will then send the encrypted CSKEY and a chain of authentication certificates to the subject. The chain of certificates will comprise one certificate from the MKS, authenticating the MKS-PS, and one certificate from the MKS-PS, authenticating the registering unit, if the registering unit is the RS.
Alternatively, if the registering unit is the MKS-RS, then the chain of certificates will comprise one certificate from the MKS, authenticating the MKS-RS. The subject of the registration will authenticate the registering unit by verifying the content and source of these certificates.
The subject will also decrypt the CSKEY by applying the private rekey key of the subject.

The MKS-RS may perform these registrations on behalf of the MKS. Also, as described above, the RS may be performing the registrations on behalf of another operational unit. If the registration is being performed on behalf of another unit, then the registering unit will securely transmit the unique CSKEY to that unit. Then the registering unit will delete any copy of the CSKEY that the registering unit has retained. If the registration was not performed on behalf of another unit, then the RS
will retain the CSKEY.
The registration of an operational unit establishes a secure link between the operational unit and the unit for which the registration was performed. Only these two units have access to the unique CSKEY, and so each of the units can encrypt and decrypt private messages using this key. This remote registration capability eliminates the "cradle to grave" tracking required by many prior art cryptographic systems. In the event that the CSKEYs of one or more secure devices are compromised, the secure devices can be commanded to register again rather than the expensive "smartcard" deployment required by many prior art cryptographic systems. The registration process can be performed once for every pair of units for which a secure electronic link is desired. The CSKEY can take the place of the unique keys installed during manufacture in many prior art cryptographic systems, especially those used in the cable and direct broadcast TV industry.
The method and apparatus of the present invention provides significant advantages over prior art cryptographic systems. The present invention provides one or more personalization stations that generate public/private key pairs for operational units in the system, so that the operational units do not need to have the processing capability to generate their own key pairs.
This provision can yield great cost savings for systems with numerous operational units. Also, for systems with relatively small operational units, this provision can greatly reduce the size of these units.

-l0a-The present invention also provides numerous relatively inexpensive security measures that are not disclosed by the prior art. For example, the MKS public signature key is placed in ROM of the secure chips so that every unit in the system will have reliable access to this information. This prevents pirates from imitating the MKS, without obtaining the MKS private signature key. A
portion of the personalization routine is also placed in ROM of the secure chips so that pirates cannot personalize secure chips using an unauthorized personalizing unit, by bypassing the authentication and authorization checking functions of the personalization process. Another feature of the present invention is that each unit involved in both the personalization process and the registration process authenticates the opposing unit in the process.
This significantly complicates the difficulty of a pirate breaking into a system, without significantly increasing the cost of implementing and maintaining the system. The present invention also provides for remote registration of operational units to further reduce the cost of implementing and maintaining a cryptographic system. A
person of skill in the art of cryptographic systems will recognize numerous other novel security measures from the detailed description of the preferred embodiment of the present invention.

A further aspect of the present invention is a method of establishing a secure electronic link between a first unit and a second unit of a cryptographic system. The method begins with the steps of generating a first public key pair consisting of a first public key and a first private key; securely communicating the first private key to the first unit; and sending a first chain of authentication certificates to the second unit, where this -lOb-first chain of authentication certificates authenticates the first public key. The method continues with the steps of generating a second public key pair consisting of a second public key and a second private key; securely communicating the second private key to the second unit;
and sending a second chain of authentication certificates to the first unit, where this second chain of authentication certificates authenticates the second public key. Next, the method continues with the steps of authenticating the second unit in the first unit using the second chain of authentication certificates and authenticating the first unit in the second unit using the first chain of authentication certificates. Finally, the method concludes with the steps of communicating a private encryption/decryption key, encrypted in the second public key, from the first unit to the second unit and decrypting the private encryption/decryption key in the second unit.

In accordance with another aspect of the invention there is provided a method of establishing a cryptographic link between a registration station (rs) and an operational unit (ou) of a cryptographic system. The system includes the rs, the ou, a master key station (mks) and a personalization station (ps). The method involves initializing the mks and the ps by a method including the steps of providing the mks with an encryption/decryption key pair consisting of an mks public signature key and an mks private signature key, providing the ps with an encryption/decryption key pair consisting of a ps public signature key and a ps private signature key, providing the ps public signature key to the mks, ans providing the mks public signature key to the ps. The method also involves creating a ps certificate in the mks by creating a message containing the ps public signature key and an -lOc-authorization for the ps to personalize the ou, signing the message with the mks private signature key to create the ps certificate, and communicating the ps certificate from the mks to the ps. The method further involves personalizing the rs by communicating a first copy of the ps certificate to the rs, generating, in the ps, an encryption/decryption key pair for the rs consisting of an rs public signature key and an rs private signature key, securely communicating the rs private signature key from the ps to the rs, deleting the rs private signature key from the ps, and creating an rs certificate in the ps.
Creating an rs certificate in the ps involves creating a message containing the rs public signature key, signing the message with the ps private signature key to create the rs certificate, and communicating the rs certificate from the ps to the rs. The method also involves communicating a second copy of the ps certificate to the ou, providing the mks public signature key to the ou, verifying in the ou that the second copy of the ps certificate was signed by the mks by applying the mks public signature key, verifying in the ou that the second copy of the ps certificate authorizes the ps to personalize the ou, and generating an encryption/decryption key pair in the ps for the ou. The encryption/decryption key pair includes an ou public encryption key and an ou private decryption key. The method further involves securely communicating the ou private decryption key from the ps to the ou, deleting the ou private decryption key from the ps, and creating in the ps an ou certificate for the ou by creating a message containing the ou public encryption key, signing the message with the ps private signature key to create the ou certificate for the ou, and communicating the ou -lod-certificate from the ps to the ou. The method also involves registering the ou with the rs. Registering the ou with the rs involves the steps of communicating the ou certificate to the rs, communicating the second copy of the ps certificate to the rs, providing the mks public signature key to the rs, verifying in the rs that the second copy of the ps certificate was signed by the mks by applying the mks public signature key, verifying in the rs that the ou certificate was signed by the ps by applying the ps public signature key, the ps public signature key having been obtained from the second copy of the ps certificate, communicating the rs certificate to the ou, communicating the first copy of the ps certificate to the ou, verifying in the ou that the first copy of the ps certificate was signed by the mks by applying the mks public signature key, verifying in the ou that the rs certificate was signed by the ps by applying the ps public signature key, the ps public signature key having been obtained from the first copy of the ps certificate, generating in the rs a cryptographic data element for the ou, encrypting the private encryption key in the ou public encryption key, the rs having obtained the ou public encryption key from the ou certificate, communicating the cryptographic data element, encrypted in the ou public encryption key, from the rs to the ou, and decrypting in the ou the private encryption key by applying the ou private decryption key.

The cryptographic system may include a communication system.

The communication system may include a subscriber television system.

The rs and the ou may each include a secure chip, and the secure chip may include a programmable processor and a -10e-read-only memory, the read-only memory containing the mks public signature key.
The steps of verifying in the ou that the second copy of the ps certificate was signed by the mks and of verifying in the ou that the second copy of the ps certificate authorizes the ps to personalize the ou may be accomplished by the programmable processor of the secure chip executing a program in the read-only memory of the secure chip.
The message created during the method of creating the ps certificate may additionally contain an effective date and an expiration date for the ps certificate, the read-only memory of the secure chip additionally contains a manufacturing date code, and the method for personalizing the ou additionally may involve the step of verifying in the ou that the manufacturing date code in the read-only memory of the secure chip may be between the effective date and the expiration date for the ps certificate.
In accordance with another aspect of the invention there is provided a method of using a first unit and a fourth unit to establish a cryptographic link between a second unit and a third unit of a cryptographic system, the second unit and the third unit being connected by a communication link. The method involves the steps of generating a public key pair including a first public key and a corresponding first private key, the first public key being stored in the first, second, and third units, and generating in the fourth unit a second public key pair including a second public key and a second private key.
The method also involves generating a certificate in the fourth unit including a statement of authorization designating the first unit as authorized to generate a third public key pair, digitally signing the certificate -10f-in the fourth unit using the first private key, and securely communicating the digitally signed certificate to the first unit. The method also involves generating in the first unit the third public key pair consisting of a third public key and a third private key, securely communicating the third private key and the digitally signed certificate from the first unit to the second unit, applying the first public key to the certificate to verify that the certificate was signed by the fourth unit, reading a message in the certificate to determine whether the first unit has been authorized to provide the public key pair, and deleting the third private key from the first unit. The method further involves communicating the third public key to the third unit, and communicating private messages from the third unit to the second unit using the third public key pair.

The cryptographic system may include a communication system.

The communication system may include a subscriber television system.

The second unit may include a secure chip, the secure chip may include a programmable processor and a read only memory, the read only memory containing the first public key.

The certificate may additionally contain an effective date and an expiration date for the certificate, and the read-only memory of the secure chip additionally contains a manufacturing date code, and the reading step additionally may involve the step of verifying that the manufacturing date code in the read-only memory of the secure chip may be between the effective date and the expiration date for the certificate.

-lOg-The reading step may be implemented in a program in the read-only memory of the secure chip and the program in the read-only memory may be executed by the programmable processor in the secure chip.
The third public key pair may be suitable for providing and analyzing digital signatures.
One of the private messages may involve a cryptographic data element.
In accordance with another aspect of the invention there is provided a first unit of a public key cryptosystem. The public key cryptosystem includes the first unit, a second unit, a third unit and a trusted authority, the trusted authority authorizing the third unit to provide the first unit with a public key and a corresponding private key, the third unit generating the public key and the private key for the first unit. The first unit includes a communication circuit for establishing a cryptographic link with the second unit by providing the second unit with the public key from the third unit. The communication circuit includes a secure circuit, the secure circuit containing a program for determining whether the third unit has been authorized by the trusted authority to provide the public key and the private key. The communication circuit receives the private key from the third unit only after the secure circuit has executed the program to determine that the third unit has been authorized by the trusted authority to provide the public key and the private key.

The secure circuit may include a secure integrated circuit, and the secure integrated circuit may include a programmable processor and a read-only memory, the read-only memory containing the program, and the program may be executed by the programmable processor.

The first unit may function primarily as a communication unit.
In accordance with another aspect of the invention there is provided a cryptographic system. The system includes a first unit, a second unit, a third unit, and a fourth unit, the first and second units communicating securely by utilizing at least one cryptographic data element, the cryptographic data element being generated by the third unit. The third unit communicates the cryptographic data element to the first and second units, and also communicates to the second unit an authorization certificate received from the fourth unit, such that the second unit verifies that the third unit has been authorized by the fourth unit to generate the cryptographic data element.

Brief Description of the Drawings Figure 1 illustrates a general functional block diagram of a cable and satellite television system incorporating the cryptographic method of the present invention.

Figure 2 illustrates a flowchart for establishing a secure communication network in the cable and satellite television system of Figure 1.

Figure 3 illustrates a flowchart for the personalization by an MKS of a secure chip of an MKS-PS, an MKS-RS or a PS of the system of Figure 1.

Figure 4A illustrates a flowchart for the creation of an authentication certificate and an initialization message by an MKS for a secure chip of an MKS-PS, an MKS-RS or a PS.

. ,,..
~_ t..

Figure 4B illustrates a E~lowcharr fc:r the authentication and verification by a secure chip of the authentication eCertii.icate arid the initialization message c.rE~at:.eJ. by t.hc::! I:;rocesses of Figure 4A.
Figure 5 illust.rates aflowcha:rt foi the personalization by a PS or." an MKS - P.; c:af: ~3 s~(.-t:ire chip of a HE, a DEC, an ECS, an I~,C:"S-RS or F, UL of the system of Figure 1.
Figure 6A illustrates a f:Lowchart; fo~~- the creation of an authentication certificate <And an initialization message for i secure ch:3.I) of 4i HE, a DEC, an ECS, an ECS-RS t..~, r a UI.,.
Figure 6B :illust:rates a f_lowcha.rt f_-ox: the authentication and verificat.M_on by a secure chip of the authenticatiori c_:ertificat~.e and the initialization message createc::9. by t.txe r7,rocuesses of Figure 6A.
Figure 7A illustrates a flowchart forthe registration by an MKS --RS o.f an F~C:'S ,ari EC~z:a -. RS and a UI-I of the system of Figure 1.

Figure 7B illustrates a 4:~.~E.cawc:~l:iart: fo:r t:he re(gistration by an ECS--RS of a channel of ax: HE of the system of Figure 1.

Figure 7C illustrates a. flowchart fo:r the registration by an ECS-RS of aI)EC ot thr-_ system of Figure 1.
Figure 8 illustrates a flowchart for- the authentication and verification :-he authentication c,ertificates exchanged c';iux-:izzcl the recIistration processes of Figures 7A, 7B and 7C.
Detailed Descri-ption of the ''-tefer-red Ernbodimerit Figure 1 illustrates 11 :.~-ab1.e .Ind sat:.ellit.e television communication system incorporatinq .:he cryptographic system "t 7) 1..3 of the present. invention. 1,lthough the preferred embodiment of the p:r_eser.~~.t. :in%~erk.t:a.~...ul will be described in relation to a subscriber television system, one of skill in the art will uriderstanc:i t:. he d I. sc.l.osure to apply to a wide variety of communicatior-i systems. For example, the present invention can. be app1 :i Fa.d t:c, a subscr:i..ber radio system or an ordinary computer netwoik. In addition, one of skill iri the art w111. U:rad~:_~-r:_st:.a.nd t.:f ie present clisclosure to apply to other systenrs for which communication is not the primary purpose. F<::r the present invention can also be applied. to ari alarm system to establish a secure communication li.nk: between different elements of the system. LJse cf the word. "commun.a.cat i. on" or "communicate"
in the present specif:ication i.s gene:rally iritended to refer to the general concept of tran5fe:~rrl.rGg informat.:.on from a source to a destinatiori. These terms should not be construed to _1imit: t::.}ie scope (,f I:f1e invention tc,) a "communication system," w:trere the ;.)rirrrary objective of the system is to commun.i.cat.e intc,imat ioaz. The present invention can apply to systems in which the communication of informat.ion is orzl..y a. m:i.:uox:-, or everl insignificant, aspect of the overall system. In fact, the present invention can be adapted f:(::)r _rse in any system f(:)r which a secure cryptographic link. is desired.
For purposes of: this a'"communication link" will, comprise som~.:a phys:i.cal medium over which information cari be corrlnrurricated between two elements of a system and sorne mutually Iffret.hod or tecfznique for communicating. The physical communi.cation medium may . .. . , , comprise, f:or example, a t~iard-wz.:r=f.>c::i ei.ectrical cc)nnection, an ordinary telephone line, a computer network line, a fiber optic czih)lc:~., or a z<~,ci io b:roai..,ast, c::c:ammunication link.
The communication method ux- technique may comprise, for example, a spFc:..fic language, a ,diared syntax for coded messages, or an enc.rypti.on%decryption algorithm. A
"communication network" J-1.1 1.(':~.i,^,e:r.r tc:~ a set of communication links, where each corrlmunication link may use a different physical mer:iii.zm and a different ~4o 71~

communication method or techn.i.que. A communication link or network will be "secure" if an encxyptioi:z/decr.yption system is used for which determination c~f encrypted information is computational.ly or econornica.ll y irafeasi.ble without knowledge of specific dec-irypt;i.c:a info,r_mation and where the decryption ir.iformation. his not. k;,een I,::::c.jui.red by c)utside-rs, or if a sigr:iature/vex i.f::i rzt:.:~orr ::3~ stErm i.s used for which unauthorized insert.ion c.) r, mc:;{:i if:i_<:YEition c, f signed informatiori is (:omputatiorraJ..ly or c:>c.c:,)nomically in.feasible without knowledge of ;.apecif:ic signat,ux:=e information and where the sigriat ure inforn-iai:: i.c>n kra5 ciot:: been a,,.,quired by outsiders. Preferably, a.ri i.on,~`decryption system is used for which cieterminat:ic :-i of: E~rr(.-rypted information is computationally infeaslb;l.c~~ ',tiri.t:houl, know:iedge o:f specific decryption information, and a signature/verification system is used for whi c7i unauthor_i 4ELL-d :i.r:rser t i,.:)n or modif icat ion of signed information is computationall,,r' .infeasible without knowledge of specific >i~nae~~~re infarmation. A
communication link c) r IiE,!Lwo'rk will be considered "compromised" it an outsider a+,:qua_res the decryption informatiori of an encryption/decrypt:ion system or the signature informatican of aL i.:4nat.ure/ verif ication system.
An "outsider"' or "pirate" w.ill rel:er to a person or communication unit k.hat is not, an iriteraded recipient or source of certain informatiori.
A person of skill irl the art will understand that the preferred embodiment of the present irrvention may comprise a pure cable television systern, a pure satellite television system, or a combination cable and satellite television system. The preferred embo(iiment c:>f the present invention will be described i.n terms o:k:, a i:-a.ble and satellite subscriber television syst-.er~'.. The ~::)referred embodiment relates to a method and apparatus f,)r establishing a secure communication link between the dit:ferent elements of the subscriber television system kc;r wh.ich communication is desired.
Returning to the ;:Mbscriber t~Aevision .,~ystem of Figure 1, the preferred embodiment c,omprises a number of ~
4' b communication elements c:~>r units, including a master key station (MKS) 100, an MKS rc,giti;t:.xation station (MKS.-RS) 102, an MKS personalizat;:1_c'n. ;.>t:.c1t.:ic:n (MKS--PS) 104, a secure chip personalization st.a.ti~.~an (?~~~) 106, an entitlement control system (ECS) 108, an H'("S registration station (ECS-RS) 110, a:ri. upli:rik UL) 112, a head end (HE) 114, a cable decoder box (DE.C) 1.16 and satellite decoder box (DEC) 118. The MKS 100, t-he MK.S-R.S 102 and the MKS-PS 104 could alternatively be cornk:7ined to form a single unit.
Also, the ECS 108 and tlie ECS-RS 110 could be combined.
Each of the commun.i.cat._i.on E.~"lemer.t:s i.n teie system will preferably comprise a pror:l ram.mable com.puter. Each of these computers will be programmed to perform the appropriate functions of the present_: i.nv-entiori, as described below.
Each of the c.ornmun.;.catioi-7. eliement.s :i.n tPZe system will contain one or more :integrat.e~ci cirt:~uit:: components referred to as secure chips (SC) 140. A:i..so, the head ent:1 114 will comprise one or more riead end channels 142, eacii of which will contain one or more se~.:,:.a.s.rve cni.ps 140.
The MKS 100 is c(_)i.z,e~1(=!ct:,eJJ. tc:) the PS 106 by a communication line 119. For a subscriber t.elevision system, messages will pre:terably be transferred between the MKS 100 and the P:f 106 b~~ a irt.a.iitc:ar:i courier physically transporting the messages. 'I'iius, the l.:i-rxe. 119 max,7 comprise a courier wal.king betweez: tin:i_1_s, and need not comprise an electronic medium. The MKS 100 and the MKS-RS 102 are connected to the UL 112 by a communication line 120. The MKS 100 and the MKS--RS 102 :a:r_e cc_>rtz':iec,ted to the 1~}CS 108 by a communication line 122. Again, the communication lines 120, 122 will preferably con.sist +'af a human courier physically carrying mcssages between the respective units.
In some embod.iments, a phy-,si.cra:lly x,rotected (~>lectronic medium may be suffic.ien.t:ly secux-e for the lines 120, 122.
The ECS 108 is connected to 17he UL 112 by a communication lirie 132. The ECS 108 is connnect_ed to the head end 114 by a communication i.ine 124. The }^.;C"S-RS 110 i.s connected to the head end 114 by a communi<.,z:ition. line 126. The UL 112 is connected to the head end 114 :Dy a communication line 84b,~7) ] r.; ...

128. The head end 114 is c(-_-)nnec.:^t:ed to the cable decoder box 116 by a communic:at i,.-An :i. :i.:r-ae 134, The ECS,-RS 110 is connected to the cable decoder c(:),w; 116 by a corrimunication line 130. The ECS-RS 110 is connected to the satellite decoder box 118 by a cornrnunic:atiora lirie 131. 'The head end 114 is connected ta the satellite decoder box 118 by a communicatiorl 1.:i.ne 136. 7:'r.c_- UL 112 :.i.s connected to the satellite decoder box 118 k~ay a comcnunLcat.i.on line :138. In addition, local communicar_ ion l..a.n~ s,~.re provided between the MKS 100, the MK.S-R5 102 a.rid the. MKS-PS 104, and between the ECS 108 arid the ECS- kS 110, although these lines are not illustrated in Figure 1. Tt-ie. MK:> 100, MKS -RS 102 and MKS-PS 104 may be dif: fer.rrrt: units within the same equipment housing, or ~..:,t:~.herwiSe j.phys:ically c.;onnected.
On the other hand, :i.f these uni.ts 100, 102, 104 are physically separated, then the loc.al communication lines will be physically protected, sucr~ as by human courier.
The communications line between the ECS 108 and the ECS-RS
110 will either be pt1ysi cal :l_y protected or cryptographically secure(;i.
The subscriber t:.el.eva.sic-)1-1 sysi:-em of Figure 1 performs two primary funct-... ions . F i. r.-st... , tinF, system distributes the various video signals constituting the various television channels, one ox more of.' whicii m,~iy be scranrbled, to the different cable decoder k,ox.tu..a 116 aiid sat:ellite decoder boxes 118 in the system. S,-_(::~:)rica, the system distributes cryptosystem keys aric3 ot}lez to allow specific decoder boxes 116, 118 to unscramb.',.e the appropriate video signals and receive the appropriat:e i=elevi,sion programs.
A typical implementation of the present invention in a subscriber television system rnay comprise a single master key station 1.00, wit h an e'eqi.st.ration station 102 and personal::i.zat::ion ;~,t::4atW..on 104; between 10,20 secure chip personaliza.tion stat.i~:,ns 106; from one to ten entitlement control. syst,ems 108, with associated registration statioris 110; from one t.o ten uplinks 112; on the order of 10,000 or criore head ends 114; and up to approximately 10, 000, 000 de~~~~~c::,der ~k:~c>xF:.~s 116, 118. However, '7 ~
~

for convenience, the decac:i:ipt.i.(;~)n will generally assume a system comprisiriy one of each type~r of unit.
The commuriication liries 132, 126 and 124 may constitute ordiriary computer network interfaces. There is no need to ensure that pirates c;icca rzot have access to these communication lines. Th~- present invention will, provide a secure communic,ation en-tri.ronmerit:, despite such pirate access. The commun:icata.orl 1.::ine 128 provides a satellite communicatior.L interface bet::wE:}E^11 t.~7(, r..q:~l:i..nk 112 arid the head end 114. The communication 1 ir7e 134 is a standard cable interface between a fiead erld 114 and a cable decoder box 116. The communicatiori 1:ine 136 provides a satellite communication. interface between t.he :head end 114 and a satellite decoder box 118, such as in an existing "television receive only%pa~4 throug~i'1 system (TVRO/PT) .
The communicati.on 1 ine. 138 pro r:i.des a satellite communication interface k)et.wee>n the ia.pl.i.nk 112 and the satellite decoder box 118, ~.~~~sucrl as in an existing "television receive onl.y" syr-,tem ('I'VRO) . The comrrtunication lines 130 and 131 are standard telephone lines.
The uplinks 112 receive v.idec:" signals from a variety of sources, sut..,h as a f i rst;. run mc)vi(:-, source. The uplinks 112 distribute these video si.qna"i.:-~ tf) the different head ends 114 in the system via t:he r~,::rrrirntzni(--,atic.m lia:ie 128 and _ to the different s<~tel:J..i.t~.e c~e~:~~,::~~~.ier boxes 118 via the communication l.`.ne 138. Eackz c)f t:.h~:', head ends 114 distributes these video siclnals to a number of the cable decoder boxes 116 via the c:ommunicatiori line 134 and to a number of the satellite decoc er boxes 118 via the communication line 136. The up1..i:rlks 112 may scramble one or more of the video signa.:1.s before transmitting the signals to eithe..r. the head end 114 or t.he satellite decoder boxes 118. I:f ::,,o, t:.hcy~n the }ic...ad 114 will typically unscramble one or mc>re o~i:: t-.],ze: ::3cr-ambled video signals.
Before retransmitting i:..f:Ge^ -,r:i,cit;c:) ~77.qnaiis -to the decoder boxes 116 and 118, the head .:.1rid 114 may also scramble one or more of: the video sigrial.s. Tiie decoder boxes 116 and 118 will then unscramble one or more of the video signals I6 4 o 1f~
that have been scranibled by either t..he head end 114 or the uplink 112.
The entItlement cyontrol system 108 can control which head ends 114 and whic}i decoder boxes 116 and 118 can unscramble each of their video signals by selectively providing them wi9h sppropri_ate decryption information. Tlre ECS 108 <~::~_so c~:,ntrols the scrlimblirig of the video signals by tixe I.71., 112 and the HE 114 by p:rovi.ding these units with appropriate infor.may.:.ion. The process of controlling ar..c.~e:s43 t.o %ridec> signals by different elements in t:he system wi.I.:i be referred to as "entitlement. " The enc.~:r,s;rpt..i.can;`dec: ryption information disseminated by the ECS 108 must be carefull.y guarded because, if a pirate obtains this information, the pirate can have unauthorized access to tl-ie J:ideo signals of the subscriber television systen,. In other words, r_he pirate could watch television program,~ vv:i.thout paying any subscriber fees. such f.A.racy c-an deprive .3ubscriber television providers of.: great: sums of earned inc'ome. The present invention provides ~~l method :foc. establishi.ng secure communication links for the ci.issemi.riat:.i.on of this, c:ritical encryption/decrypt:ion inf, c; rmc:tL.i.on , The master key strxti.on 100, the MKS registration station 102, the MKS station 104, the secure chip personali.zat i.or.. sta-:ior:~ 106 and the ECS
registration statiori 110 tio not ha-V'e' any direct control over the distr:.ibuti.on of the video signals or the entitlement of different head ends 114 or decoder boxes 116, 118 to receive the d.ifferent video signals. Instead, the main funct:iori of these uriits is to establish a secure communication rietwork f(Dr ti-re remai.ning units of the system, as described in g:t.eatez: detail below. These remaining units, the ECS 108, 'he i..7L, 112, the HE 114 and the decoder boxes 116, 11.8, wi.:Ll. be referred to as "operational unit:s. "
Figure 2 il..lust.ratc-,s t.hk~~~ px eferred method of the present invention for establ:i_::,hirrg a secure communication environment for the ope:rati.onal 1.,imi.i.ts of the subscriber 21~~6 -79 television system of Figure 1, . The method begins at a block 200. At a process block 202, the MKS gerie:rates an MKS public/private signature key pair. As described above in the description of the re i_at ed ax-t, the prior art discloses several thoroughly tested methods for generating a public/private signature key pai_r. A person of skill in the art will, understand ho.v to generate public/private signature key pairs by referring to appropriate prior art DSS, references, such as the llwhich was referred to above.
The DSS will bc:: the prelerred ,:r i.qc>,:it: hm for generating public/private si.gnatux: e. ),>r_-ay pairs, a lt..liough. other algorithms can also be used.
As described above in the descripti.c.rn of the related art, a public key c.rypt.osyst.em wi1 L typically only be secure if each private key i s known only by the entity to which the private key belonqs. Ir7 addition, each of the public keys rnust. be distributed dn a manner that allows each element of the system to aut1:7F.enta.c.ate the source of a public key. The present i.nve~nC~.:ic,n imp1C~ments an authentication scheme based on a.ut;hent: ic:ation certificates generated by a "tru.sted aut:ho:i_i.t.y. " `t:'hE: MKS 100 will function as this trusted autho.r.ity. As described above, a public key cryptosystem based on authentication by a trusted authority wi.l.l oniv he seci.zre if each of the elements of the system obt:ains a true copy of the public key of the trusted authority. In the present invention, the public key of tlse MKS 100 is distributed to the elements of t'rie system in a veiy reliable manner, as described immediately below.
In the preferred embodiment, each of the units in the subscriber television system, except possibly the MKS 100, will contain a secure circui. t that performs cryptographic functions of the present invention. The secure circuit will be resistant to tampering ...ind eavesdropping by a pirate. Preferably, the secure circuit will take the form of an integrated circuit c:ompoiaent, reLerred to as a secure chip (SC) 140, as shown in Figure 1. Each of these secure chips 140 in the difterent ta.ra.i.i::s of the systE_.~m may be ' 0 identical to one another, (Dr they may contain different software routines tc) perform ttie cii_fferent functions required by the differ ent un.lts in the system, or they may have different hardwa-re cchnf -Lqurat.ion.3 . Nevertheless, each of the secure chips 140 f az t..fiH syr:>t em wa.11 contain at least one common feature; namely, tY-Ye p7..zb:l.W_c key of tt'ie MKS 100 will be programmed i.nt(-.') 7:'raad-on.i.y merrzory (ROM) on the secure chip 140 to prov:ide 1,,e.x:=ma.nent, storage of this key.
This step is performeci. ~d, a t.a.I=c>CE~sS iD:.iock 204 of Figure 2.
Thus, the mask that i_a i.zsed to manu.f actu..r. e the secure chips 140 will. contain. the puk:>1..ic key of the MKS 100, Because the ROM ca.nnot. be changed after an integrated circuit component is manufactured., any secure chi.p 140 manufactured using a mask containing the public key of the MKS 100 will have reliable access t:o the pub_l.ic: key of the MKS 100 for the life of the secure ckrip 140.
At this point, tlie system comprises an MKS 100 and a number of secure chips 140. Next, at a process block 206, the MKS 100 persona:.lizes a t-,erure chip 140 for the personalization station 106, Lr,E' MKS persoi:ialization station 104, or the MKS station 102. The process block 206 w.ill be executed once f.:or the MKS-RS 102, once for the MKS-PS 104, and cv,rice r~-c:,:r each personalization station 106 in the systk:=rr~. '1he personal:i.zation process achieves three main objE.-,(-t-.i.ves. Fi.i-st, it provides the secure chip 140 with Ei p~-th:L:i cJpr _i.z,at.e s i.gnature key pair, without allowing any c:~the:i:- e..lemen'- tc.) have access to the private signature key of the secure chip 140. in fact, after the personalizatiorL process is completed, even the unit performing the personaJ.ization.does not have access to the private signature key of t.he secure chip 140. Second, the personalization process px.'ov:.a.des the secure chip 140 with a chain of autrientic:at.ion ut~rti.fiUates so that the tc> c>t:.t~rc:;]r E;-~lerrlents that it has secure chip 140 can proz,~~~-beeri directly or :i.nd:.i.rec.t:] y}perso:aa:I u zed by the MKS 100.
These other elements can ver:i,f.'y the a.uthent:.icat:ion of the secure chip 140 even if the.ay only possess the public signature key of the. MKS 100. '.[':ie t-.hird main objective ~ U;f achieved by the personalization process is to ensure that the process is performed only by an authenticated and authorized source. The process icr the personalization of the secure chips 140 of t.:hE:'PS 106, the MKS-PS 104 and the MKS-RS 102 by the MKS 100 wi.ll be described in greater detail below, with reference l..o Figure 3.
After a secure ciiip 140 has been personalized, it can be incorporated i.nto one of 'vlze communication units of the system. After a secure chyp 140 has beexi incorporated into the PS 106, the MKS -RS 102 and the MKS-PS 104, then each of these units, along with the MKS 100, can begin performing its intended functions, :iilcluding communicatinq with one another over the cozrimunical:ion l:i.rre 1,19 and the local MKS
communication lines.
At a process block 208, ti-ie personalization station 106 personalizes the secure chips 140 for the channels 142 of the head end 114 and the decod?i: 116, 118. 'The process block 208 will be executed {:rac ~a for ~c~}~ cwhannel of each head end 114 in the systk,arri arid once f;or each decoder 116, 118 in the systlem. The J:,r~0Cr..=!Ss fo:r,.' t.he personal.Lzation of the secure chips 140 by t;he fDersonalizat:ion station 106 is similar to the persor,ralizati.on r:>f t..ize secure ch:i.ps 140 by the MKS 100, except that: t-.he pc-;,r:;orla:L:i.zati.on 5t: at.ion 106 also provides t:he secur_(:r! cA -ip 140 wi.t-.h a publ:ic/private encryption key pair, desigr7a'...ed t,k~it> rekey key pair. After the personalizat.i.on p:rc:l c:~e S:; 1..1E compl.et.ed, the personalization station 106 r.c.> lonc:;er f-ras access to either the private signature ke.V c:;x the f.>:ri.v'a.t(:n rekey key of the secure chip 140.
At a process bl.ock. 210, t.;'re MKS pe.rsonalization station 104 personalizes t::he ,~ec urc,~ ch.ips 140 fc::>r the ECS
108, the ECS-R.) 110 Lin(;l t.1ac= UJ:.p 112. 'C'he process block 210 will be exeeute::I on.c'E::! for c:=ac~ri 108, once for each ECS-RS 110 and once for ~.~ac~h ;.;L, 112 i.rr the system.. This personalization processs i.S, ":r(.ar_},s.i.m:ilar t:o the personalization of t:h(-? Q, ec:I urta chips 140 by the personalization station 106, Both of t:hese personalization 4 b;') ~~~..

processes are described i. ~. yreat:ei~ detail below with reference to Figure 5 ,.
After ever~r secure c: 1 i:.p 140 has been personalized, each secure chip 140 w::Ll.l bc= _i_ncorporated into an appropriate communicat.i_on ta.ni t. At this poirrt , the MKS
100, the MKS--RS 102, the MKS--F'S 104 ard every PS 106 in the system will have its own ptlbl.ic/p:r::-i.vate signature key pair.
In addition, every ECS 108õ every F=;CS-RS 110, every UL 112, every channel 142 of every :KL, 11.4, and every decoder box 116, 118 will have its own public/private signature key pair and public/private rekey key paiz. In addition, every communication element, except the MKS 100, has a chain or hierarchy of autnenticatiori certif i cates linking it back to the MKS 100.
For example, a cable decoder box 116 will have a hierarchy of authent.ication =vertif_i.car-es consisting of two levels. The first or hicghe::ct certificate will be a PS authentication certificate cr(.~,-it:ed by the MKS 100 for the PS 106 thiat persorza i. iZr^d t ika cak.)lF= decoder box 116.
The creator of an (:;Eart:if:icate will be ' of the . c; ,_ Y =:~_ i. _~/
referred to ~~is ,.,he "'autYLc--~,rlr.:.x' '' c.~ext.~lc.~.. ~tc. w i e ,.
the secure ch:ip 140 being <-iut.hr::~nt ::Lca.t.ed wil7.. be r+.,ferred to as the "subj ect." of *_he c ert:.i f i c:,,ate . Also, the uriit containing the secure chip 140 may also be refe:rred to as the subject. This w:i l l. indicate that the MKS
100 has recognized the pm,ak,l a. ~- key of ttze PS 106, and that the MKS 100 has authorized tl;.e PS 106 to pe.rsonalize other secure chips 140. The 1.ast c:)r l.owest- l.evel certificate will be a SC authentication c.er~: i fi..cate for the cable decoder box 116. This certificate will indicate that the PS 106 recognized the public signature key of the cable decoder box 116, and that the cable decoder box 116 is authorized to operate as a c.-able <lecc.>der box 116. Thus, the PS 106 is tkie aut.hox-it.y witYi respect to this second certificate, while the cable decoder box 116 is the subject. The combi.nati.on oa these two auth(,--.,~ntication certificates provides .ind-i.rect. aus:hent.ication of the cable decoder box 116 by the MES 100.

After a secure chip 140 x~ias b(.:era in.corporatE::~d into the ECS 108 and the ECS-RS, 110, `_l-lerz t:lie.s4~~ two uriits can begin to comnlunicate with oz-ie anot..'-Let o-ver the local ECS
communication line. :~owever, all rernairiing communication links will remain inoperable urit,il appropriate units are registered. First, at a process block 212, the MKS-RS 102 registers the ECS-RS 110, the taC:'S 108 and the UL 112. The process block 212 wi.1::. he +.:,>:ecut-kac:;l s::at least once for each of these units iri the :.,,ys,-t:.F,m. Thz.,:, regist:ration is performed on behalf of ttica M1aC:c".3 100.
The registration prcC, es ..~~4 cornprises tl-iree main functions. First, the unit, perf(Drming the registration authenticates tl.7e unit t~.o be registered by checking its chain of authent :i.cat ion cert i_ fi cates .':. i.nking it to the MKS
100. Second, the unit t~.:) bc-a reg-i..ste7:,ed authent:i.cates the unit performing the regist rGrt::.i_c3n k:;Y checking it=, chain of authentication c.:.ert:if:i(-_,at:cks I:inkinq it, t.c:> t.he MKS 100.
Third, the unlt per:form::i..n<i tlie regi::,t::rati.on gE::!nerates a random private encryptiorr key and privately sends it to the unit to be registered ~.~.nd t_o t:.l:-le unit for which the registration is being per,torrned. '.I'he unit performing the registration then destroys all copies of t:..he private key that it has ret:ained, so tl.-).,at tt-ie other two units can establish a secure commt,rnical;::i..on link using the private key. The format: of this, pri.vate encryption key, and the algorithm used to qenerat.¾::~ t:t.....e key will depe:ad on the particular implementation of tYLe entire system. For example, for a system utilizing ttie descrambler system disclosed in U.S. Patent No. 4,634,808, issued t(i) Moerder, the private enc:r-ypt ion key wi ll comprise the unit seeds described in that patent. Thc.~ rec,i.st:rat:ivon of the ECS-RS
110, the ECS 108 and the tv,L, 112 by the MKS -RS 102 will be described in greater deta.:i1. :k.;el.ow ~ui_t:.r, reference to Figure 7A.
The regist:ratiori process also serves to identify the newly registered unit to the MKS 100 so that the MKS 100 can begin transmitt-ir:tg appropriate rnessages and information. This identi.ticat.ion upor registration allows ~ I lJ

a system to be implemented without predefining the number and location of each type nf i.anit. i.r. the system. This adds great flexibility to the mp:l_c~me3.:t<;a.t.iorr of a system of the present invention. I:n add-i.t:ion, th;i.s aspect ~.-illows the configuration of the syst.err to he expanded or- modified while the system is op~~!r,:,;O-.a.r~ic:;. Thie sarne rationale applies to registration of HE channels 142 and decoder boxes 116, 118. At this point in the preserit: i.n,rerttion, the ECS 108, for example, is unawa7.--F> o:f` ::iny ~HE ch~.:a.nnels 142 or decoder boxes 116, 118, and has a-:ic:> know;ledqr.- as t:o the ultimate number or conf i.gra.rat .i on c: f t~ieti>e ru .j. ts. As each tiE channel 142 and each decoder t::xox 116, 118 is registered, then the ECS 108 begins transm_i.t:t::.11.1-I<<3 appropriate messages and information to the newly reg-i.stcyr. :~d At a process block 21.4, t:he RC'S-RS 110 registers the UL 112 and a channel 142 of t-:l're c:Ind 114. The process block 214 will be ex.ecuted. one tim+,? fc:~r each UL :112 in the system and for each ,.~..,hannr..l 142 in. r-^ac~1 Yread end 114 of the system. Iri this registrat:ioz-i pro,-,~.ass, ttie ECS-RS 110 will generate and send a privat_E:~ encryption key to tlre unit to be registered. 'ihis regi8trai`iori pz,,ocess will be described in greater detaii below with r: eferencc, to Figure 7B.
At a process block 216, ttre ECS-RS 110 registers a decoder box 116, 118. 1rhrr pi:'ocess block 216 will be executed once for each cable decoder box 116 and satellite decoder box 118 in the syste7Yt. 'T1::e ECS-RS 110 will again generate and send a pri.vate encryption key to the unit to be registered. This registration process will be described in greater detail below with reference to Figure 7C.
At a block 218, the iriethod of rhe present invention is complete, and a secure communication net:work has been established between the diif fex:ent c>pei::ational un:its of the subscriber television system. More specifa.cally, the ECS
108 now has s. unique private en~.~r.ypt:7.on key and a unique public signature verificst,3.o,-i. key fnr each of the uplinks 112, each of the channe~.s 1.42 of each of the head ends 114, and each of the decoder boxes 116, 118, as well as a single private signature key for use with :~..1.1 of these units. The L t ? ~~~

ECS 108 can now send encr..ypt:ion/decr-yption information to the appropriate operat.ioaa:t un i..t5 by encrypting the information in each of t.h.e c.tperat::i.ona:l units' respective private encryption keys. in additi_on, the ECS 108 can sign the information using its private signature key, as required, so that each of the operational units can verify the source of the information by applying the corresponding public signature verificat.ion .key. Final:..ly, where appropriate, the ECS 108 can verify the source of a signed message by applying the pub:'_ic: si(_jnat:.ure verification key that corresponds to a private s:i(:jraat::ure key of the unit that appears to have sent, the message. A would-be pirate will now have a very diff.i.c.Lal-t tirrie br-eaking the encryption network to obtain the information necessary to unscramble the video signals.
Even if Ei pirate manages t.c) break tile secure environment, for exarrrple, by obtaining one of the private encryption keys, a seC'ure ~_orcYrirunication net:wor can generally be re- establislre.ci by r,e--rf>qistering s(:ame or all of the operational Lrn::i.;_S, Qc t he systfem. The .r.e-registration of the operat:i.ona_l_ uni.tw~ can be pel:formed in the same manner as de5crik:}t-~d at-rd i1.:l.r.zsG:.:z.ated with reference to Figures 7A, 7B and. 7C. `T:'rn.zs, th,~a r~,~~ :eegistrat:ion oft:he operational units can be pc=rf:ormed remotely.
This re-registrat:ion Prc:](::eSS :i.:.< a major ad'4Tantage of the present :i.nventior7. c:;ve_, thc~? t=;ubsc.,riber television systerns of the ~:)rior when a. ~iubscriber television system has bec.L2n c..ompr.c::?m:i.scd, a:large number of decoder boxes EYtust be ref,)laced, c:::~osting thf:~ service provider large sums of mo:ney.. A:l.lcarnat:ively, the decoder boxes may contain a. replac:~eak:,:l..E sec:,.zr:il:, y cartridge that can be replaced in a n.urcabe:r: oE the decoder boxes to re-establish a secure r:ommurai.cation network. The I.,arocess of remotely re-registering the ope7:.~at:,onal unit~:~ upon a compromise of the secure n~!t:wor,k t3re,~atl.y simplifies the process and reduces the cosi:- of. -re-ests.bl.i.shing a secure network. In the subscriber te]..evision system incorporating the present invention, 1::.h.ere is no need to modify the 2 I84~~~;I

..2 () ,_ hardware of the system, everl to move any of the hardware units of the system, to rc:i-e:,tab7.:ish the secure network.
The number of 1-znits that. ~rmst i.=f.>- rectistered to :re-establish a secure netwc>rk wi.l?. c3epend on the particular compromise that is ir:.vo:Lved a.nd mus?:r be determined orl a case-by-case basis. For e.x.amplF.,_. i: a private encryption key of a particular cabl,",~> dec:;(:)c:ier box 116 is obtained by a pirate, then only that particular cable decoder box 116 must be re-registered. 'I't-ie ECS 108 can transmit a message to the cable decoder box 116 to :ir3d.icate that the cable decoder box 116 must be At that point, the re-registration process (:~)f thc- c.aky'l.e decoder box 116 will proceed as described below wAth reference to Figure 7C. A
re-registration process may ~Ilvo bE'. per-formed to cornpensate for some form.s of c:ryptocwE=~:::lkness in other areas of the secure communications -system in which the present invention is incorporated. Por example, in a subscriber television system, if a video streaflri c.ipher tec-hriique is utilized that is vulner<.tb:Pe t.c::, pi.rate attacks, then re-registration, followed by (Jisserriii.aat:i.c.>n of new cipher keys, can be used to ensure asecure. communication network.
Also, if a private signats..zre k.ey or a private encryption key of a sect?.,re _:-tii.p 140 is comp:rom:z.sed, then that particular securE> ciTi..p 140 .~an k:.,e replaced k:,y a riew secure chip 140. The new sectt.re chip 140 should be personalized according to apers~:Dnal.i.zation process, as described below with re.fererxc ~u to either Figure 3 or Figure 5. Then the new secure G:ih.a.p 140 can be inco:rpo:r:at:ed into the same element from whi^h th~-,N c:,>1d. secure chip 140 was removed. The element receiv:i.ng the new secure chip 140 must then be registered ..rccordi.ng to one o:=the processes described below with refe:r.(;.~nc:e t.c:a E:~'-i..cp-ares 7A, 7B arid 7C.
Depending on the eletYier-it t:laat ha.7 ;U~een compromi,;ed, other elements in the system may also need to be re-registered.
For example, if the ECS 108 has beeci compromised, then each of the other operationdJ. Llr7itS, c:iSSo: iar_ec:i with thtit ECS 108 should also typically be :c~c.~- z:eg:istered because zill of the 6,7 y .,, 27 ....

private encryption and s:i.clraa.tLire keys associated with that particular ECS 108 will tyt:~:i ::a v_ Y riot be t:r:'usteci.
In the preferred embodiment: c:t t!rie present invention, the re-registratiori process .:iesc:ra.bed above will also be periodically executed f:o;x- each c:>f_ t:he operati.onal units in the system to further safegu,-,:3.rcf the secur. it.y of the communication network.
Figure 3 illustrates tl-le.::' t~r()ceSs for an MKS 100 to personalize a secure chip 140 i_af t.n E:'S) 106, Lln MKS--PS 104 or an MKS-RS 102, as represez-ited by the process block 206 in Figure 2. At a block 300 F'igtzre 3, the personalization of a secure chip 140 beg:i.n,:,. A.t~ i:::i l:ar: oc:~~~ss block 302, the MKS 100 generates a p1_zbl:i.c/j.:~rivatE~, signature key pair for the secure chip 140 that wa.ll be personalized. This step is the same as the p:Coc.esti' c;,fescr.:i.taed above with reference to the process block 202 of: Figure 2.
At a process block 304, t?le MKS 100 creates an authentication certifi_cate f:or wlie secure chip 140. The purpose of the authenri.cat-i:-:m c.,er-:i.t,i.c:ate is tc.> indicate that the MKS 100 recognizes the T.>ubl i. c si.gnature key of the secure chip 140 and to :i rid.icate that the unit containing the secure chip 140 is at:ct.hc_>:ri.Led ~:_o perform the functions specified in the certific,aL:.E::. k,~.~a example, a secure chip 140 for a PS 106 will be authorized tno personalize other secure chips 140. The piocess for creating an authentication certificate fcx:- the sec:!ure chip 140 will. be described in greater detail t~e>low reference to Figure 4A. Appendix Al contains a table indicating the general formats of the authenLi.catios.1 c. ert:i_fic,~ate for a PS 106, an MKS-PS 104 or ari. MKS-RS 102 c?f`.. tr?.e preferred ernbodiment.
Appendices A2-A7 contain tables i.nd.icating the general formats of other certif icate: and messages of the preferred embodiment. The format ur:: :each c::>:f:: i:he certificates and messages represented by Apperdices .Al-.,A7 can.var.y widely in different implementations o.t t:.he present invention. For the preferred ernbodi_ment, c.EVCr-G ot~ trlc:~se certificates and messages will comprise ~a nu.mhrer of f.:ie:ld types and sub-field types. The authent:.cation certificate of Appendix A1 d: 1 l <tl.Ji N1-3.
further comprises a cert:;ific at:e :k:ieader, an authorization block, a public signature k(:ay and a ,::,i.gnature block. The certificate header further comp.~i.>es a certificate ID, an issuer ID, an issuer cert:.if:icate ID, :111 effective date and an expiration date. Appendix A8 contains a list of definitions of tl-ie field ypE:.ti~ c:-)f Appendices A1--A7.
At a process block. 306, tJ-1e MKS 100 creates an initialization message fr.:,r t:~icA sec.-ire chip 140, which will contain the private siqncit:ure key for the secure chip 140.
The process of creating this messixge will be described in greater detail below with reference t:a Figure 4A. Appendix A2 contains a table indi cat ing the general format of the initializaticn message fc>r &t I?S 106, Y,iri MKS--PS 104 or an MKS-RS 102 of the pr.,eferreci c=rnk>c c::~.inen At a process b.loc)c 308, the MKS 100 sends the authentication certificat:e created in tl-ie process block 304 and the initiay`ization message created in the process block 306 to the secure chip 140. This _r,:.rrisfer must be done in , a secure environment: bec. au~.,. ttle :i.ii:it.G.aia.zation message contains the pri-vate s i.gn,_Itl..z:t:-e kU3),` f-or t_-IAe secu.re, chip 140.
If an outsider intercepts ti'i_s meE-,-,saae, then the outsider may be able to i.mpersonat.e the secure chip 140 by signing messages with the private signature key of the secure chip 140. Preferably, the Mk:4U 100 wiiLi be in a very secure environment. F'or e.xampl.e, ~::-Jef)er~di.n,g on the threat of piracy, the MKS 100 rriay t:c::a .,:rrt <t: ~red in a high security vault, with armed guards,. I?ref::erab;_y, the secure chip 140 will be taken into direct c,ozxtact witl; the MKS 100, within the secure environment, fLor the personalization process.
One of skill in the art will know of nurnerous methods for ensuring the secure c:ornmunicat::ion :?f t::liese messages.
At a process block 310, t-}-3.e se,::ure c:kiip 140 c:.,hecks the authentication certif:i.ca[e bt.ai7ic::~c:i ;":rom t.-he MKS 100 by applying the MKS public S:k_c3nat:.ure key ~?btai.ned f.r..r_)m the R.OM
of the secure chip 140. '~'he process for checking the authentication certificate 'will be ciescribed in greater detail below with ref:erence to Fitg,..xre 4B.

2184b,79 ::, rv~ .

At a decision bloc~l,: 311, tiie secure chip 140 determines whether the-- check of the authentication certificate performed ~:It, the i~::>roc_,ess block 310 was successful, or whether it: r:(;-~t;r.zrned wa.th an err.or condition.
If the check of the authent.ication certificate was not successful, then the secure chip 140 will advance to a process block. :315. At t.h:i.;, the secure chip 140 will abandon the personal.ization process arid return to the block 300 to restart the perscria.:l_:i,::dtior;, process. If the check of the authentication was s'uccessful, theri the secure chip 140 will advance tiD a process block 312.
At the process block 312, secure chip 140 checks Te I'e;sCc:..l ved from the MKS 100.
the initializatiori mess ac Again, the secure chip 140 wi.]..l app:l..y the public signature key of the MKS 100, obtairred fror;i tiie ROM of the secure chip 140. Th.e process tc :ar checkinq t:he init .alization message will also be described i.n greater. detail below with reference to Figure 4B.
At a decision bl~.)ck 313, t.he secux-e chip 140 determines whether the check of the initialization message performed at the process block 312 was successful, or whether it retra.rned wi t h arr c_ r x c . , x ,:~;onc:ii t:.ion . I f the check of the initialization message was riot successful, then the secure chip 140 will advance to the process block 315 and abandon the per_sonali.zat.:i._on i-Drocess. If the chE::ck of the initialization message was succyessful., then t.he secure chip 140 will advance to a process block 314.
At the process b1 c7c k 314, t:.1 e .>ecu:z:-e chip :140 stores the authentication cnrt:ifi.(:~At.e izad the i:nit:ializati.on message obtained from the MKS 100. The secure chip 140 wil:1 carefully guarci t.hf:~a c~c>r~t:.erlr , o: t:he initialization message, because it i.9 E's.::aer.tial. i,.ha=.: no outsider obtain the private signature key contained in that message.
At a process block 316, secure chip 140 riotifies the MKS 100 that:. the certificate and the initialization niessage have been accepted by the secure chip 140, and ::hat the pr: x sora~l..:i za.t io:1 of the sE.,cure chip 140 has beerr c,ompletec3. At. ap:r:ocPss block. 318, t he secure 84b/~
:~tr chip 140 will perform a lc.ack: ro.ut:in+: ,~~o that P::he secure chip 140 will not accept ariy turther attempts at persorialization. 'i'hic-; Jo::.k t:-'out:ine will ensure that the secure chip 140 never runs the personalization routine again, and ensures that the rnemory ].ocatioris containing the authentication cert:x iIt:;atc. ~11:rad tli4: ;ini.t::lalizat:ion message can never again be modified. This lock routine will prevent would-be p.i.rate~~~ f:'r,om t ainpe:ring with the stored messages, and, especially, t..licw! pI:'_i.\ =<:It.c:~ signature key of the secure chip 140.
At a process block 320, the NzKS 100 deletes any copy of the private signature key of tttF= secure chip 140 that it may have retained after the init:ialization message to the sect.ire ch:ip 140. At: t;.i.is point, the secure chip 140 will be the only f->lement w-_th knowledge of its private signature key. At: ~-~ bl.ock 322, ~he persoYialization of the secure chip 140 iA:> comp3..ete.
Figure 4A illustrates the process for creating an authentication r..erti.f ic:ate ancl t:he prc>cess for c:c:eatinq an initialization message f(:;3- a sect;x.-e chip 140 of a PS 106, an MKS-PS 104 or ari MKS-RS 102.. 'Ihese processes are represented by the I rC) r,:ess J::) :toc.~ks 304 and 306, respectively, in Figure 3. At a block 400, the MKS 100 wiil begin to create the certifica.te for the secure chip 140. At a pxcj,..~e,,s 402, the MKS 100 will create the structure of ti_e authenticalLion c.ertificate. At a process block 404, tJ le Iv;KS 100 ac::id the secure chip 140 public signature key `.hat.. was ~4enerated in the process block 302 of Figure 3. Ai- kDr:<::ace:ss b.()ck 412, tile MKS 100 will add a dat,',i vali.ie t.~., t}le in,:~s5age to indicate the authority that will be granted tc the secure chip 140. A
secure chip 140 for a 1-11A 106 t:7x_ ai:r MKS--PS 104 will be granted the author. ity to personalize other secure chips 140. A secure chip 140 f:or tlie MKI',-.RS 102 will be granted the authority p-o registe:t, I:1C:.S RS 110, an ll'CS 108 and a UL 112.
At a process block 414, the N;KS 100 will add a first date to the message to ix.idicat:,e thF=, date on which the -31. .

authentication cert.ificate wz.l1 become effective and a second date to indicate the date on which the authentication c:~ertif:icat~~ vv:ill e:xpi~re. As described in greater detail below, the-se cfates s,pec.ify a window in which the units receiving the secuare chips 140 will be authorized to perform their .func.t io:n;~ . ~['L:i.., _s ;re::t another safeguard to defeat pirates. For example, f=ven if a pirate manages to obtain a PS 106, and can ~i-l..so (:)bt-ain some secure chips 140, the pirate will on1 ~~r b:-= ak. lf::> r.0 pe:rsona:3.ize those secure chips 140 that have a manui_act.uring date code that falls between the eff:ec.tive clate and t-ie expir.ati.on date of the authentication certificate c..>f. the PS 106.
At a process block 416, the MKS 100 will sign the message using its pra..vate s:i.c::giature key and the DSS. After the MKS has signed the iriesuage, ~-he message becomes the authentication certifi.cat,e f`:ox i:..:ra.~~ sec7-ire chip 140. At: a block 418, the creation of trr~:.=. ,:5l.zt-heratication certificate is complete.
At a block 406, the MKS 100 wi:11 aaegirl the creation of the initialization message for the secure chip 140. At a process block 408, the MKS 100 wiil create the structure for the initialization mess~.,rge. ~at. -i process block 410, the MKS 100 will add the secure chip private sigriature key that was generated at the F,~rr.-Dcesw block 302 of Figure 3.
At the process bl.ock 412, tzle MKS 100 will add a. PS
load command into the message. At.. trie process block 414, the MKS 100 add an e~i~L.IctJ.vi,-:~ dat::e anci. an expiration date for the initialization rneSsagG. At the process block 416, the MKS 100 will si.gri t:.he in.i.t:ial.:..za.tion message using its own private signature ;;.ey arld :l:ie DSS. At the process block 418, the creation of the ir,i.t.ial.izat.ion ntessage is complete.
Figure 4B illustrates the pr(-)c.1ess for the secure chip 140 to check the authent.ication certificate obtained from the MKS 100, as :represent:r:ad i:,y process block: 310 in Figure 3, and the process fcar the secure chip 140 to check the initialization rnessacxe. c:;>bta:ined Irorn the MB;.S 100, as represented in the process block 312 of Figure 3.

32_.

At a block 460, the process for checking the authentication certificate begins. At: a process block 462, the secure chip 140 perf:orm,, the signature verification algorithm of the Z.)SC on the s:ignature block of the authentication certificate using the public signature key of the MKS 100 to determine whether the authentication certificate was signed by the MKS 100. At a decision block 464, the secure chip 140 determines whether the signature verification was successful. It the verification was successful, theri the secure chip 140 will advance to a process block 466. If the verif ycat: i un was unsuccessful, then the secure chip 140 w::c.ll advance to a block 476. At the block 476, the secure chip 140 will return from the process of Figure 4B with an error condition, because the element attempting to personalize thr;, secure chip 140 is not the MKS 100. From the b1.ack 476, the secure chip 140 will return to the process of Figure 3.
If the signature verifi.cation is successful, and the secure chip 140 advances tc t.1Ac:> process block 466, the secure chip 140 will nrtey check t::he content of the authorization data value cont:ainea in the authentication certificate. This data value wi:i1_ indicate whether the MKS
100 has authorized the SecUr_-e cha.p 140 t:o perform i_ts designated function of e:i.tl:.zq-r personalizing other secure chips 140 or registering other elements of the communication systeiTt. A.t a pro(.~ess block 468, if the secure chip 140 determines that :i t is riot authorized to perform its designated function, then the 3ecure chip 140 will advance to the block 476. At this point, the secure chip 140 will return from the process of Figure 4B with an error condition, because of the t: a i i u re of the MKS 100 to authorize the secur'e ch:i.p 1.40 tc pE:: rform it.s function.
Again, the secure chip 140 will return to the process of Figure 3.
If the secure ch:.Lp 140 determines that the MKS 100 has authorized the secure ck~~~.;7..}_) 140 t:.o p>;;:arf:orm its function, then the secure chip 140 will advance to a process block 470. At the process block 470, the secure chip 140 will d4b ,..
/
compare the effective date axrc-i r-hc:! expiration date obtained from the authenticat~~on cer!-.if__tcate against the manufacturing date code -!onta:ined in the ROM of the secure chip 140. At a decis:io:A'i block 472, t;he securE.'z chip 140 determines whether the autnent.icat::;on certificate is fresh.
A certificate or message is r-resli it ic~s manufacturing date code fal.ls between t:he E:;;A:~fec t:.ive date and the expiration date of the certificate car t.t-ie message.
If the secure chip 140 determines that the authentication c..e.rt. i. f i.c:;a-. F f.rF-,sY,, then t. he secure chip 140 will advance the block,476. At this point, the secure chip 140 will reta.r:ri froiii t:l-re process of Figure 4B
with an error r:ondi.tion., bec::Iu.se the authentication certificate is invalid. The eYfective period of the certificate should at least: tlre date code of the secure chip 140. Again., t:.hc, SF.=cLIrc. chip 140 will return to the process of Figure 3. i-.f the secure chip 140 determines that the authentication certificate is fresh, then the secure chip 140 wi:ll advanc:-e t(::) ablock 474. At this point, the process of check:i.ig the authentication certificate has beer-i completed, anc t.he authentication certificate has passed the t.4=lst. `:I:'he secure ch:il~ 140 will return to the process of F i.gu.re 3w;i.t.1-, no error condition.
At a block 478, I-Yre process for checking the initialization rriessage b~:~qi.ns. '1:'T3. s process is generally similar to the process for check:inq the authentication process, except as indic:ated below. At a process block 480, the secure r., ,hip 140 fr,,,r a. i.:Lc: ~7 t..hat, t:he init?.alizat ion message was signed by tTie MKS 100 by applying the MKS
public signature key, c:o~~r'Ltairled in t:lle ROM of the secure chip 140, arrd thE:,= DSS,. At: %-I i.5l.ock: 482, i he secure chip 140 determines whether the verification was successful. It the verificat:ion was not successful, then the secure chip 140 will advar':c.e t:.o the bloc.k 476 and return to the process of F-Lyure 3 with an error condition.
If the secure cliip 140 det:e:t'mine; t1'rat the verific.ation was successful, then the sect.rre 140 wi::Ll advance to a process block 484.

34 At the pr_ocess block 484, L::ie ~:,ecur.e chip 140 will check the content of the atathori zat i.on data value in the initialization rnessage. AL a decision block 486, the secure chip 140 will det ~:cm:i.riE: wh.E.tr:er the auttio:rizat=ion data value cor~tains a load command. T f there :l_s no load command, then the secure c:hip 140 will advarice: to the block 476 and return t:o t:he ptr,{:!e:,ss o" P, LcJure 3 witY-i an error condition. Tf there is a. Load c.ommand, then the secure chip 140 will advance to la process blc;ck 488.
At the process b"Loc:k- 488, t:.lIc::~ ,-,ecure chip 140 will compare the effective date and the expiration date stored in the initialization message aga.inL>t the manufacturing date code of the securc~~ cri:ip 140. At ::z decision block 490, the secure chip 140 w:i.I :i determ:i.ne whether the initialization ntessage is fresh. it the message is riot fresh, then the secure chip 140 w.,~.i.. 1. advance to the block 476 and return to the p.z:-(:)c..ess of Fi.qure 3 with an error condition. It the sec:ure chip 140 detex'mines that the message is fresh, then tk:e se::!cure i:::!hif:3 140 will :::advance to the block 492. At. this poi n."t , the .=:}ecure chip 140 will return to Figui-e 3, axld t-.fie px ocess of checking the initialization messacle wi L 1. ~1i.Ive> bee:!ra. i-i.ave si.zc-~cessfully completed.
Figure 5 illustrates t:he process of personalizing a secure chip for a chanriel 140 of ar.i HE 114 or for a decoder 116, 118 by a PS 106, as r.-~~presented by the process block 208 of Figure 2, and the process oJ`..: personalizing a secure chip 140 for a~-i ECS 108, ar:r 110 (,)r a UT., 112 by the MKS-PS 104, as represen~~-;ed by the process block 210 of Figure 2. These processes are gF-arlerally similar to the process of pe:rsonalizing aS(acUre 140 by the MKS 100, as described above with reference to Figure 3, except as indicated below. Both of these processes begin at a block 500. As a matter of c.on-saeni.ence., botr i the PS 106 and the MKS-PS 104 will be referre.ci. to as a. "persona.lizing unit"
for the description of the.;3resent personalization process.
At a process block 502, t.he persc>nas.iz.ing ~_ini.t will generate a public:/pri.vafie :~~ic,~n.a.ture key pair for the secure ... J f.~ ._.

chip 140. The person.alizinq ,,zn.i.t will also generate a public/private encryption kFey pai.r.', c::ie;,ignated the rekey key pair. The rekey key pair may be generated under any reliable public key en.crypt:i.oxz rrzet.hod. For example, the preferred embodiment w:i :1.:1. ~, t::i 1.:i. rc::. t:he RSA encryption method.
At a process block 504, t'rre pexsc,~nalizing urlit will create an autl'ie:ri.ticat~i.ox:L G.:~~,z t;if~
_ ~ rat,e for the secure chip 140. This secure chip authentir_at,ion certificate will be similar in structure anc3 cont:.eri,.t::, t.l.re secure chip authentication c.ertif`.i..cat:e c.,reatec.a b~- the MKS 100 in the process block 304 of Figure 3. However, the present secure chip authentication c:.ert-~~~ f; :~.~oate will a1:,~,o contain t:he public rekey key of the -,ecl:ix,-e c1il,L:j 140 , 'I'he process for creating the authenticatiorl certificate will be described in greater cietail. below wi.t.i, :~:re.t:exenc.e to F'igure 6A.
Appendix A3 contains a table indic,::zt:i.nq the genera:L format of the authentication cez-tif_i.cate for an HE 114, a decoder 116, 118, an E('S-RS 110 ca;F :. tT:, 112 of the preferred embodiment.
At a process block 506, the perso:nalizing unit creates a secure chip iriitia]..izati.(.:1)n rrressage. Again, t:f-ae present secure chip init.ializatiorr mc.!ssaye :is similar in structure and content to the secure cha.p initialization message created by the MKS 100 i.t:. the p~~-c:ices.: block :306 of: Figure 3. However, again, the present set~,ure chip initialization message will also contain the p--clvate rekey key for the secure chip 140. T1.f pri::.>ces.., fc,r creati.ng the initialization message will be desc_ribed in greater detail below with reference to F`i.yur~=e 6A. Appendix A4 contains a table indicatirig the gen;:: :t.a 1. 1_01-ITrat, of the initialization message for aiz HE 114 ,a decoder 116, 118, an EC.S --RS 110 or a UL 112 of the preferred embodiment.
At a process bl.uck: 508, t:he personalizing unit sends the authentication certificate of the personalizing unit, as well as the aut:hent:ic;ation ;;r,rti ficat.e and the initialization message c.~J: rl7e secr_zre chip 140, to the secure chip 140. The authentication certificate of the i 84t) I'~

personalizing unit was provided from the MKS 100 to the personalizing unit d.ur:inr.a the personalization of the personalizing unit in the pt:'c,.~~ew>s k_Ylack 206 of Figure 2.
The authentication certificate and the initialization message of the secure ch:i.p 140 were creat.ed in the process blocks 504 and 506, respecc..i.vel_y. The transfer of the initialization message from the personalizinq unit to the secure chip 140 must.. be c::l.orie iri completely secure environment. Again, if an outsider obtains this message, then the outsider can imper;;onate the secure chip 140 to eavesdrop on communications t.hat: are intended to be private and to sign messages pretending to be the secure chip 140.
At a process block 510, the secure chip 140 checks the authentication cert.ificrat:e c.,.t nhe personalizing unit, obtained in the process block 508. This process generally comprises two steps. i ir:at: , the secure chip 140 will apply the MKS public signature key to the authentication certificate to ensure that the certificate was generated by the MK.S 100. Second, the secure chip 140 will ver_Lfy that the personalizing un;it was author:i. zed by the MKS 100 to personalize additional secure chips 140. The process of checking the authentication c~et-t:i.ficat.e (:) f the personalizing unit will be ciescribe(:i in greater detail below with reference to Figure 6t3.
At a decision block 511, the secure chip 140 determines whether the process of checking the authentication certificate of the personalizing unit performed at ttze proces._ k::,:l.oc}~ 510 was successful, or whether it returned wit.li a.rl error condition. If the process returned with an error c:c:.;ncia..t.ic7n, then the secure chip 140 will advance to a process b1.oc..k 517 and abandon the personalization process. At the process block 517, the secure chip 140 will return to t.he block 500 to restart the personalization process. I,:#: the prc>>,,ess of checking the authentication certificate of the personalizing u.nit was successful, t:hen the secure 140 w:il:::i advance to a process block 512.

CA 02184679 1996-09-30 ~
3'7 _ At the process b:iock 512, tlie secure chip 140 checks the authentication certifa..c,,,,=.p::e. of the secure chip 140, also obtained iri the process 508.. l-tere, the secure chip 140 will apply tI-re pi.i.b.'i.ic t:.i..gnat:ure key of the personalizing i.znit to +veri.fy tha'~ the secure chip authentication certificar..e was sigried by the personalizing unit. The seclzre chip 140 c~,r~,~~;,t.ains the pi-iblic sigrlature key of the personalizing t.rn:i.t from the authentication certificate of the persona.:l.:iz.inq un:i.t. Th.e process of checking the secure chzp a.;..ithenta.cation certificate will be described in greater detaii kaelow w.i.tir reference to Figure 63.
At a decision blcack 513, the secure chip 140 determines whether tlze px: ocess c:>f ~i-reck:i.ng the secure chip authentication certificat.e performed in the process block 512 was successLu1., (Dr= wi^.at~t.k.Ler i t. ret:urrred witt-r an error condition. If tyhe p~'C)c; e-Ss Fr-:'t:urned with ari error condition, then the secure chip 140 will advance to the process block 517 and abandon the pe:.r=sonalization process.
If the process of checking the secure chip authentication certificate was successL.r:;_, t: .he secure chip 140 wi_11 advance to a process block 514.
At the process block 514, tahe secure chip 140 checks the initializati.on rnessa~,Je ~_,i': t:k,.e secure chip 140, also obtained in the process block 508. Aciain, the secure chip 140 will verifY that ti-ie rnessage was signed by the personal :i zi.ng un~. t. The }?r(.)(.-,ess of checking the initialization message wi.l1 k:)e de7c::ri7.)ed in great:er detail below with reference to Figu.i.e 6E. The secure chip 140 will ensure that the privat:.e slgrls.ture and re-key keys in the initialization messac:fe art:= kepa:_. P,:ivate.
At a decision block 515, the secure chip 140 will determine whether t::h~~~:~ p?rc:>c(,-"' s s t) f: checkirrg the initialization message per_f.ormed at the process block 514 was successful, or whet::.her it sLeturned with an error condition. If tlie p:: ~,c,ess x:t.:t.urned wit.h arr error condition, then the secure chip 140 will advance to the process block 517 and abaridon the per~~ronalization. If the I 4b _., process of checking the :.na.t:ialization message was successful, then the secure chip 140 will advance to a process block 516.
At the process bl.ock 51.6 , th(:~ ~.~(::~cure chip 140 stores the authentication certificate of thF- personalizing unit, as well as t.he w-irattrrrL.i.c' <1r:.ic:) r~ certifi(.-.ate and initialization rnessage ,:_)_E tI".e secure .:h:ip 140. At a process block 518, the secure chip 140 notifies the personalizing unit that t:~1f.: ai.rtlrer;t::icat:::ic n certificates and the initialization message l:Is:rvE_ :t.)r,~`E,n received arid. verified, and that the personalization of t:he secure chip 140 has been completed.
At a process block 520, secure chip 140 runs a lock routine that is similar to the lock routine that is described above with reference t.o he process block 318 of Figure 3. This .1ock a:c}X.at: i.rie p:.eNevents outsiders from attempting to re-personalize .i sPr:.ra.re chip 140 or modi_fy the contents of the memory tlrat contai.zis the authentication certificates and the a.rait:i.a:1i.zatiorr message. At a. process block 522, the personalizing unit :lestroys any copy of the secure chip private s:iga:ature and re-key keys that the personalizing un,it has As-. this point, only t:he secure chip 140 will, havt:-~ knowledge of the private signature and re-key keys of the secure cnip 140. At a block 524, the pe.rsonal.i.t:at-.ic>n of the secure chip 140 is complete.
Figure 6A illustrates the process for creating a secure chip authentication cer.-ti.f ic::rate, as reprF.~sented by the process block 504 i:rl F:.i.qUx: e 5, and the process for creating a secure chip init i.at=ion message, as represented by the process blt:ack 506 in Figure 5. These processes are generally Lca processes described above with reference to Figure 4A, except as i.ndicated.
The process for creating t-:tie authenr~~~ication certificate begins at a block 600. r"~t a J:~)rc>cese block 602, the personalizing u.nit. creates thf:-~ structure for the certificate.

;9 Referring again tc> fiur.e 6A, at a process block 604, the personalizing un_ :it adds t:::.he secure chip public signature and r:e-key keys tliat wer-e gene:ratf:~d in the process bloek 502 of F'ic:4ure 5 t:.o ti7:: certificate. At: a process bloc:k 612, the persc,nal iz:irig unit adds an authorization data value to t:he cex:t:ificate to irLdicate the function that the secuce ,:,t:i.a.p 140 is aut:.hori.zed tcD perform.
The possible function:_, incltic:ic, t::.he t:unctions of a channel 142 of a head end 114, a dec: rAe:r box 3.16, a satellite decoder.- box 118, an EC' 7108, an EC"S--RSI 110 or a UL 112.
At a process block 614, t:}.e personalizing urlit will add a first date to t:hFr rert::i.fwiczite. t.c indicate the date on which the cert.iticate w.i.l.s.. k:~E>>c.:,ome e.1Cecta.ve and a second date to indicate ttie ciate ori wh:i;,h i-he certi.f:icate will expire. At a proces: 616, t.h~:~ personal:i.z:i_ng unit will sign the certificat:e uSa_11c4 t: he personaliz.:l.ng unit's private signature key ai-d the TX:>5 alcxor.ithm. At this point, the cE~r_ t. if icar_e w:i.1 :l become the authentication certificate of the sec:u~t:e c1hip 140. After signing the certificate, ti-ae personal.izi.iaq un.i.t will advance to a block 618 to complete the l.z:cjcE :s trA re,tur,i t o Figure 5.
The procE-.sS for c.r, at,_Lrlcaan irlit:.:i_al.-zati.on tnessage begins at a block 606. r?.t: <,t ,.~3z:,o;:ess block 608, the personalizing unit creatf:>s ttie st::r,a.ct:.zre for the message.
Returning to Figure 6A, at a prOcess block: 610, the personalizing unit wiL..l -idd the private signature and re-key keys of Che secure criip 14.0 t o the message. The private signature and re-key )i:ey;: wF..re generated in the process block 502 of F'igi.j.z::-e 5.
At the process bloc};: 612, the personalizing unit will add a PS load command to `..rre i-riessaue. At: the process block 614, the personaliziriq uxri..t:, w:i1.l idd a first date to the message indicating the dcit.t.:! on w.hi~. h the message will become effective and a second date irdic:,ating t:ra.e date on which the message wi_::i.l expirc.:..
At the process blocR: 616, the personalizing unit will sign the messaqe usizuj t.he_ uni. t' s private key and the DSS. At~ this pc.3:i.t7t-., tr.e messaqe will. become the 7~
initialization message of: the secure chip 140. Next, the personalizing unit will ac:ivia.ncc:a t.c.; t.he block 618 to complete the creation oi:~ t:,:}ie ini.t:ia i_ization message and return to Figu:re 5.
Figure 6B illustrates t.l-.i.e px:-t:X.~es:-;es for a secure chip 140 to check the ~.zuthent,:i.cat:or.-) certificate of the personalizing unit, the authentication certificate of the secure chip 140, and the zat ion message of the secure chip 140. These processes are generally similar to the processes described above with ret~er.ence to '"igure 4B, except as indicated. The pcc]s: es: : for checking the authentication certificate of the personalizing unit, as represented by the process block 510 i~:i Figure 5, begins at a block 660. At a process Ld~::;c:},; 6:62, the securc=.~ chip 140 applies the publ.ic signature key c~f the MKS 100 ai-id the DSS
to determine whet,her t'kie certificate of the personalizing unit was signed by trle MKS 100.
At a decision block 664, the secure chip 140 will determine whether rhe j.c,4 nat~u.:r e verificat:.ion was successful. Tf the ve:z.~it:ic::at.i.or. wss r.zot successful, then the secure chip 140 will advazice to a block 676. At this point, the secure chip 140 wi.l.l D::,t:.urn r..:o the 1.>rocess of Figure 5 with an error cc:ndii~..:ic::>n..
If the secure chip 140 determines that the signature verification was succ:essf.u-a, then the secure chip 140 will advance to a process b:fock. 666 _ At:.. this point, the secure chip 140 will check the content <::)fi: the authorization data value in the aut:hent:icat::i.c)n c::~ert.:::if::icate. At a. decision block 668, the secure chip 140 will aetermine whether the personalizing un:i..t. was aur-hari.zeci t:D personalize <idditional secure chips 140. l:f t:tae personalizing uni.t: was not authorized to personalize additional secure chips 140, then the secure chJ_p 140 wa..1 i~~.c~.r kr..c:e t:c.. the block 676 and return to the process c,f. E~ ajurc> 5 wit;r, an error c,or.idition.
If the secure chip 140 determines that the personalizing un::r_t was to personalize ~.addition.al secure chips :140, then the 140 will cldvance to a process block 670. At the process hlock 670, t:he secure chip 140 will obtain the effective date and the expiration date of tYie authent.i.c.rati(Dzi, cert i.f:icate, and compare these dates against t:,kle manuf,::ic.,t:ui:,inq r;ate code of t_he secure chip 140. At a decision ba c7r~3c 672, the secure chip 140 will determine whether ta3.e authent.ic~ita_on certificate is fresh. If the cert._i.fi.ca.te i.=> rzot fresh, then t.he secure chip 140 will acivance tc, t.-he b:lcack; 676 arid retr.zrr:i to the process of Figure 5 with. an er:rr;r ::.ryon._iition.
As described above, t~~reswi.,iar1<~ effective and expiration dates for the authenticatior, c,~ert:ificates he:lps to defeat pirate attempt:s. A se~cwuret cri:i_~:3 140 will not accept personalization by a persorra Liz::L1ic; ~r:r:it that has provided an authentication certificate for wfrich the eff,:,ctive and expiration datr~~.s do rrot c~~->:incide with r,-.he secure chip 140's manufacturing ciat:e cc dk:= each authentication certificate wil... only b~s valid for a l.imited number of manufacturing date codes,. As a rE~sul t., a pirate that has managed to steal a persorza.I.i.;inct will only be able to personalize a limited nrar.dDer' of secure chips 140. To minimize the number of z~-w:i.~r4.> c.Erl.p~s 140 t.hat a pirate can personalize under these t:he effect Lve period for an authenti_cat:ion cert.: .f i.cat~r-~ should be r:elatively short. Consequently, ape.rsOcial.i~;s.na l.znit will typically be used for a tirrje pe.riod extends bc~yond t.he period of vali.dity of the original authent:icat::iorz certificate. For this reasorr, the-~ present invent:i.o1-1. provides a r.;apability for the MKS 100 to cornml.zn..:ic,:ate SI.:I)sequent authentication certificates to the person4zl:i_zin(.1 units of the system.
Figure 1 illustrates a ?.ine 119 over which the MKS 100 can transmit ~tat=lierrt:ic:at.i_on ce:rtif:i.cates for the PS 106.
To provide additional safeguards, the persor-ializati_on routine of the secure c:'.~l:i.p 140 ~:,}rou:Id be performed by a programmable processing 1_anit within the secure c~iip 140 by executing a program confia::i.rre(l i..n R,.OM, where the R.OM is also located on the secure chip 140. 'I1_:iLs- v::i:l.l prevent a pirate from modifying the personaa..LZatiC)n rot,;tir-re of a secure chip .... 11 2 140 to avoid verifying t.tae authentication certificate of the personalizing unit.
Returning to the decision block 672 of FIG. 6B, if the authentication cer.t:lf.i~.:.at.:e i.:; fre..=sh., then the secure chip 140 will advance to a k:Aloc:k 674, At- this point, t:he process of checking the authentication certificate of the personalizing czr:lt w:ill strc.cessf=,.a::L L~~ completed, and the secure chip 140 will reti..zrn ex.ecution to Figure 5.
The process fc>r che ck:it~i q the authentication certificate of the secure chip 140, as represented by the process block 512 of Figux5, 'k)c:,c4:ins, at a block 678. At a process block 680, the secure ::hip 140 will apply the public signature key of t:,l1k:- 1:>f:~rsonal.izinq uni.t. and the DSS
to verify whether the authentication cert.if::L.cate was signed by the personalizing u.n.it:. A;s described above, the public signature key of the un:i.t is obtained from the authentication certificate of the personalizing unit.
At the decision k:~,lc::ac:k 664, t paF:~ Sec:.ure chip 140 will determine whether the s~_gnature verification was successful. ]:f: the verwf:ic;::.ct:.ion ;aas not successful, then the secure chip 140 wi:ll advance to the block 676 and return to the process of E'1gurK.:., 5 w:i.t.1-3 an error condition.
If the verificatiorL was succ:essf~rl, then t:he secure chip 140 will ac:ivarice t;,.a tr,e pz:;: c:eti~s block 666. At this point, the secure chi~.~ 140 w:i.ll c.hec:,k the content of the authorization data value in the authe.ntication certificate of the secure c...hi.p 140. At:, t.ki.. dc:!c:ision block 668, the secure chip 140 will determine whether it has been ai.zthorized to perform it.s desi...gnat.ed function. If it has not been properly authorized, then the secure chip 140 will advance to the bl(.:)ck 676 <-Inr::1 r:-erjii=n to the process of Figure 5 with an error condi_tion.
If the secure ch:i.p 140 dFat::erry!ines that it was properly authorized, thEn the secure c:krip 140 wil.l. advance to the process block 670. At- thi:; point, the secure chip 140 will compare the effective d,ite .Ind t rFE} expiration riat:.e of the authentication certificate with the manufacturing date code of the secure chip 140.

1: 2 At the decxsion bl.oc~r 672, the secure chip 3.40 will determine whether the aut.h('_=nt..i..cat:i.on certificate is fresh.
If the certificate i;., not: :f 2:e:;h, ther t.he secure chip 140 will advance to the bloc;~;. 676 and. r:et,l:irn to the process of Figure 5 with az: erx:o.r ciondLt.:ion. If t:}.ze certi.ficate is fresh, then the secure cha.j;, 140 w:i l l advance t:o the block 674. At this po:i.nt., fi_.he p:c,o:.:~es.; for c:heck:ing the authentication certificate of: t.he :_,ecure chip 140 has been successfully c(Dmplet.ed. and tlie sec1.a:r~e chip 140 wi_ll return 1.0 execution to Figure 5.
The process for checkinq t::he message of the secure chip 140, as re~):ceaent+~d by the proc:: ess block 514 of Figure 5, begi_ns a3:. a bl.ock. 682. At a process block 684, the secure chip 140 ~~.pp]. Je::a t: hE~ public signature key of the personal-J..zinc:l and the US ~ t::o verify t:hat the message was si.gned by t.he, pe r:'sonal iz:.rig unit .
At a decision k:)lr:)ck 686, the secure chip 140 determines whether the ;:],i.gr,i ature verification was successful. If the vE,~ri. i_ ir.:;at .:..o11 was, not successful, then the secure chip 140 will advance t.c; the block 676 and return to the p:rocess of I<'ig~~.ire 5 ~,vith an error ;.ondition.
If the signatur.e ver i.fwas successful, then the secure chip 140 wil:l. adv ~~~::uf tc:> a px ,c:ess b].ock_ 688. At this point, the secua_ e cli:ip 140 wi L1. check the c:~ontent of the authorization data value of the _i.zi i_t:ializatioaz message.
At a dec.ision block 690, sF:at:~ u:r.:e c.l:ii.p 140 will determine whether the message r...c.>nt:i i.zL" 9 P7 Load command. If not, then the secure chIp 140 a(.::vanc es to t..he block 676 and returns to the pr.. ocess of: F i.q ,.zx:,e 5 ~~i t^L an error condit ion .
Otherwise, the secure 140 adsr,:~ri :cls to a prc~cess block 692.
At the process block 692, the seci_zre chip 140 compares the effective date anci t:he expixat.i_on date of the initialization message ac7a:inst the manufacturing date code of the secure chip 140. A t R~l c1 ec~isi.on block 694, the secure chip 140 determir.G.es Whet.het: ta'le message is fresh.
If not, then the secure chip 140 advajic.es to the block. 676 and returns to the pro(::,e:a.s, of E'iqure 5 with an error d4o/1) condition. btherwise, t he ;."ec ux r:? c.hip 140 advances to a block 696. At this poirit, the process of chE:.,cking the initialization messaqe has been successfu.lly completed and the secure chip 140 wi.ll ~-etLlx-n execul: ion to :E'igure 5.
Figure 7A illustrates the pi:-ocess performed by the MKS-R.S 102 to rE:-gist-er talt :E;C,S-RE; 110, the ECS 108 or the UL 112. This process is re~~preserxt E~~d by the process block 212 in Figure 2. The process begins at a block. 700.
At a pj:~ocess block- 702, t~he MKS-RS 102 sends a "register here" message on communication lines 120 and 122, shown in Figure 1, to the F;c't~ - tZS 110, i-. I-ie ECS 108 or the UL
112. Apperldix A5 cont:ains a 1-ab1e:~ :ir,dicating the general format of the "register here" message of the preferred embodiment. At a process b::lock 704, the ECS--RS 110, the ECS 108 or the 'CJL 112 wi:il. send a registration request to the MKS-RS 1.02 over r: ocrwTrduxk:ic <~t:ic;ar~ Line 120 or 122 in response to the register l::Lc}rc:a" rne:.,sage. Appendix A6 contains a table indicating the general format of the registration :reqUest of f:arribodiment. The ECS-RS 110, the ECS 108 or the UL 112 wil.l ;sign the "register here" message using its ~wn pri.vate signature key. This signed copy of the "cegisC-(=~r hF.a.r..e" rrle.ssage will form a part of the registration request. The registration request will also contain an authent::icat:i.0:1 cE~rtific-at.e of the requestor and an authentication certificate of the requestor's personalizing unit. Iri this case, the requestor will be an ECS-RS 110, an E,CS 108, c~ra J:ia 112. E;acti of: these units can only be personalized by the MKS-PS 104, so the registratiori request wia_:1 contti:l.iti ~in authi-:;nt:ication certificate of the MKS-:l'S 104. 'Thi.s auth(---,!nt:ication certificate was communicated from the MKS-PS 104 to the secure chip 140 of the iar.,i.:i', in the proc:;ess block 508 of Figure 5.
At a process block 706, the MKS-RS 102 will check the authentication +:_.ertificate c-0r:: t:..r7.e MKSPS 104 and the authentication certificate of the secure chip 140 of the requestor. The authc=nt: a.cat_ion cert. i.f..i.cat::es provide a chain of authentication that links ti"le requestor to the MKS 100.

d4b 4 r> -In the present process, tlze MKS-RS 102 wil;[. verify that; the authentication certifi.cate of the MKS-PS 104 was signed by the MKS 100, and that:. t:.;he MKS 100 ,~t.at.'tz::~ra..zed th.e MKS-PS 104 to personalize additional s~~~c::,.i.az:,e r::!hips 140. The MKS-RS 102 will also verify t.hat. the aa.r.t.hent.i.caticDn certificate of the secure chip 140 was signed by t:h~== P!lKS F>S 104, and. that the secure chip 140 is authorized to perform the appropriate functions fox.- the __eqt.iesr.c>:rõ 'Irara MKS--RS 102 will also verify the signed copy of t-he "register here" message using the public signature ver _it:i.c:~G;at:.ion f<>.ey of the requestor, obtained from the requestor s atzthent.ication certificate.
This process verifi.es that.: the requestor has a private signature key that corresponds to the public signature verification key that 'has beera, indi.rectly authenticated by the MKS 100. Tl-ie process c>.1~`. chec,ki..ng t.he authentication certificates will be described in greater detail below with reference to F:igi.a.re 8.
At a decision block 707, the MKS-RS 102 determines whether the requestor has been authenticated and authorized, based or1 the check of the authentication certificates arld the signatt_a.re veri.fication performed at the process block 706. 1 f the requestor has not been authenticated and authorized, t-heary the process will advance to a process block 709. A1:: t:t-z:i_s t ne MKS-R;~ 102 will abandon the registration process and return to the block 700 to resta:rt t:.he rE:~c~i;~t::~ s~,t. t;:>rocess. (Jn the other hand, if the requestor iias been authenticated and authorized, thera the prc:;cess wi:1.1. advancF: to a process block 708.
At the process bl.oc~: 708, t.he MK:S-R.S 102 gf_ne:rates a cryptographic data elernent . 'Ttz e data element ma_4,, comprise any information t.hat.. carl be t.ased to establish a cryptographic link. E;'or ex.amp:lE~., ~.rae data element may comprise an index or seed, an identifier or serial number, a secret: key or an encrypt:ii::>n }<ey. In the preferred embodiment, the data element comprises an initial key package (IKP) . Appendix A7 c;or.ita:i.ras a table indif:.;ating the general format of the IKP of the preferred embodiment. For lE~--subscriber television systerns usingsysterns forcontrol.ling access to television pragz-ams, t::.he IKP will comprise cryptographic i_nformatiori required by the particular access control system. In a preterred embodiment, the IKP will be a CSKEY and an. Entitlement. Key th<:,zt,ri.re double--::length DES
key pairs compatible witlmL ANSI X9 . I.7 --1985 . Numerous other reliable private key encryption t.echni_ques caxi also be used. In fact, different private key encryption techniques can be used si.rm:iltanec..-~us;ly n~> Nstablish diffex:fant secure communication links with.in t..he systPrct. The registration station can indicate which technique (or techniques) will be used when the IKP is, transr,,a_ttc.ci to the requestor. This also allows the techniqt.ze t_a be! changed, even as to a specific communication iink, during a re-registration process. T'he IKP wiil prefexably be unique to a communication link that will l.ak.= established between the MKS
100 and the requestor, arid, i.t: will r.iot be given to any other element.
At a process block 710, tt-ie MKS-RS 102 enc::rypts the IKP using the requesto.r.'s pi..iblic xe~k.ey key. The MKS-RS 102 obtains the requestor's public re=rkey key from the authentication cert.ifi..cate of the se+~ure chip 140. The certificate was contained in. t:Ar10 ~~~+.~qi.stration x-equest.
Only the requestor has the cor.respond.irig private rekey key.
At a process block. '712, ~.he MKS-RS 102 sigris the IKP
with its private sig.nat.:ure k:e~-, .::M.d seaids the encrypted and signed I KP to the requestor ilorig with t::he birth certificate of the MKS-RS 102. This message is also transmitted across the communication line 120 or the communication line 122. t3ec.ause the IKP is enc::.rypted in the requestor's rekey key and because the birth certificate does not have to remain private, the communicat::ion lines 120 and 122 need not be pri%,r:~.te. Any pirate: that may be eavesdropping on these cor.nnrunic.at:i.on lines will not be able to obtain any valuable information. 3'he birth certificate of the MKS-RS 102 corit.ains the aut.her.rtication c~.rt:ificate of the secure c:! iip 140 of the MK,13 RS 102. Geriera y, a birth certificate will a:i,so contain the authentication Ll~4b/y _,}7 .

certi.ficate of th.e personalizing uni..t that personalized the secure chip 140. However, the MKS-RS 102 was personalized by the MKS 100. The MKS 100 does not have an authentication certificate because it is the trusted authority.
At a process block 718, t-:he requestor sends an "OK"
message to the MKS-RS 102 over the communication line 120 or 122. This message :7 ncl:icates that the requestor has received the IKP. After t.lie process bLock 718, the process of Figure 7A proceeds with a pai.r of step sequences that are performed in pa:r:alle:i. A f:::a.rst sequence r_::>mprises a process block 714, a decision blc.>ck. 715 and a process block 716. A second sequence comprises a process block 720 and a process block 722.
In the first sequence, at the process block 714, the requestor checks tAlE autl-ier-it_icata..on certifi.cat::e of the secure chip 140 of the MKS-RS 102 and verifies the signature of the IKP. The process of checking the authentication certif i catEs of the secure chip 140 of the MKS-RS 102 is similar to the l;xrocess of checking the authentication certificate of the secure chip 140 of the requestor in the process block 706. The present process is described in greater detail below with reference to Figure 8.
At the decision block 715, the requestor determines whether the MKS-RS 102 has been authenticated and authorized, based on the check of the authentication certificate and the signature verification performed at the process block 714. I.i the MKS-RS 102 has not been authenticated and authorized, then the procedure of Figure 7A will advance to the process block 709 and the registration wi.ll be abandoned. C f the MKS-RS 102 has been authenticated and authorized, then the process of Figure 7A
will advance to the process block 716. At the process block 716, the requestor applies its private rekey key to decrypt the message containing the IKP. The requestor then saves these keys for future communications with the MKS

100. After the process block 716, the first sequence is complete.
In the second sequence, at the process block 720, the MKS-RS 102 sends arz 1'ECS-RSfECS/[7L Add" rnessage to the MKS
100. This message wi.l..i cozt:Ur:i.n the 1::KP that was sent to the requestor. This mes:.--1sac4e wil7. i:l.so corlt.ain .ic:ientifyi.ng information related t.c:> th(.= i; f.equest: c,r, so t:rlat tl-re MKS 100 can begin to send approp:r-:.at e mes,s<aqes and information to the requestor. This messaqe must. be communicated in a secure environment. However, the MK5-RS 102 is preferably located in the same location as t.he. MKS 100. 'Thus, the same security measures 1::T:[at are _:it;.il:ized to ensure the security of the MKS 100 can also be used to ensure the security of the c,ommunicat ioa::i l.i:ct6t, between the MKS 100 and the MKS-RS 102.
At the process block 722, the MKS-RS 102 wi:ll destroy any copies of the IKP that it has re*ained. The MKS 100 can now use the IKP correspond:i.nc4 to tll:ie specific requestor to establish a, pri.vat.c.,> communication iir.rk with the requestor. After the pro( :.,es5 C)lo~..~k 722, t1:1e second sequenee is cornplete. TY-ie .r.&~qistrat:i..c:an of the ECS--RS 110, the ECS 108, or the UL 112 will ~.~nd at a block '724, after completion of both the first and t.:~.ie second sequences.
Figure 7B illustrates che pzocess performed by the ECS-RS 110 to register a IJL 112 or a channel 142 of a head end 114, as represented bv, the proc:. block 214 of Figure 2. This process is c~enr;, x A~ l:l. ~s,:i.rd1.a.r to the process of Figure 7A, except as :a_rld a.<.ar,rt; ed. `1,}ie process begins at a block 730.
At a process block. 732, t.he ECS-RS 110 sends a "register here" message to the head end 114 over the commuriication line 126 ax. Lo .~he UL 112 over the communication 1.irze 132. [.Jpc:>rx ::r:~ec.ea.pt of: this message, the head end channel. 142 or tiie UA., 112, at:: a process ].)lock 734, sends a registra.tiorr r.-eque~:>t tca the Tr,!,Cr-RS 110, over the respective communication l.i:rie 126, 132. The head end channel 142 or the UL 112 will s-L.gn the "register here"
message using its own private signature key. Tlais signed -4y_ copy of the "register here" message will form a part of the registration requesr:.. TIlc:-~ r.,egista:,ation request will also contain the authentic:,ation o:k: the requestor and the authentication certificate r:)f the personalization station 106 or the MKS-PS 104 that personalized the secure chip 140 of the requestC>1::. As ciescribed above, the communicatiori. lines 126, 132 are preferably ordinary computer netwo.rk. li.nec, A rrle5sacje:~ t:.ransmitted over these computer network lines 126, 132 will include a message header that wili contai..n t.he c:;ornputer network address corresponding to the lieaci eri.d chaiinea. 142 or.the UL 112.
This address will i.denta.fy tYie _,_ocat.ion of the head end channel 142 or the IJL 112 to the ECS-RS 110. The message may also contain add.itional ident.it ic,ati.on infoznmation.
At a proc:ess block 736, the FC;S-RS 110 c:,hecks the authentication certificates of thc, PS 106 or MKS-PS 104 and the requestor. This process is generally similar to the process of checking authentication certificates performed by the MKS-RS', 102 iri whze process 3:,71c..a;.:h: 706 of Figure 7A.
This process is describc:-~c:.f ."k.r.L cjreater, detail below with reference to Figure 8. 7.n addition, at the process block 736, the ECS-RS 110 vex:-if_1.es t:;he sigried copy of the "register here" message i_i si.nr;.J the public signature verification key os: t:hr:~, reCi~d.ie:;tc.ar, obtained from the requestor's authentication cer} i..:::;ic:ate. This process verifies that the requestor has c,, p,1:-ivate signature key that corresponds to the publ:i_s:. :;s.i.gnatta.re veri.f i.cat.ion key that Yias been indirectly al.attaent i.~.~at.ec;l by the MKS 100.
At a decision block 737, the ECS -RS 110 determines whether the requestor has been. authenticated and authorized, based (Drz the chec.k c-if the authentication certificates and the s.:ignat:.tirt:! ve:t-:if.~i..cation per.formed at the process bl.oc..k. 736 . T f the requestor has not been authenticated and aut.horized, theri the process will advance to a process block 739. At t!+lis p<Dint., the FCS-RS 110 will abandon the registration prolcess, and return to the block 730 to restart the r.eg-l5trat,..on pr. r.~c..-~ess . If the requestor ,~~8 141 [:>
has been authenticated and authorized, therl tlie process will advance to a process block 738.
At the proc.,ess block 7:38, tht=! Ec'S--RS 110 gcnerates a cryptographic data c:alrMez-zt . Agai:n, thE= data e ternent rnay comprise any information rhat can be Used to eStablish a crypt.ographic link. I:n.i::.he prel-erred embodiment, the data element comprisc.as an IKP. At ;:~l proc(wss bl.ock. 740, the ECS-RS 110 encrypts the new TKP r.is z nq the public rekey key of the requestor. This public key was obtained from the authentication certificate of the requestor.
At a process b:lock 742, t.he F,(;'S-RS 110 signs the IKP
using its private signature key, and sends the encrypted IKP to the requestor over the communication lines 126, 132.
The ECS-RS 110 also sends a birth certificate to the requestor over tiie communication 1_i_rres 126, 132. The birth certificate will contain ti-re authentication certificate of the ECS-RS 110 and the aL.rthc.rrticauiori certificate of the MKS-PS 104. In ac:.iditi.un, thc~ i:~irch certificate will contain a message indir, at i,ng t::h,:Ii::, tiie secure chip 140 of the ECS-RS 110 will h.av(~;! t,h.e authority to operate as an ECS-RS 110. Ac4a:i.rr, t:.:k-.ii.s c. carnrnuni _a:::ic::7r: need not k;.)e made in a secure environment because t: k~le only valuable information communicated, t::.he IKP, is _i_n t:he public rekey key of the requestor.
At a process block 748, the re.questor will send an "OK" message to the ECS--R;~3 110 over the communication lines 126, 132. This message will. :indi.cate t:hat the requestor has received the IKP. After the process block 748, the process of Figure 7B proceeds wi_th a pair of step sequences that are performed in parallel. A ~irst sequence comprises a process block 744, a decision b.l.ock. 745, and a process block 746. A second sequenc.e comprises a process block 750 and a process block 752.
In the first sequence, at: the process block 744, the requestor check, the certificate of the ECS-RS 110 and the MKS-P:~ 104, c:ind verifies t.he signature of the IKP. The -r eqc.A.t:.a,s t(:) r T,-)i~i-1.~~ verify that the authentication certificate the MKS-PS 104 was signed by b the MKS 100 and that t.h.e MKS 100 jranted authority to the MKS--PS 104 to personal:i..ze add.i.t::::i:.>na:1 secure chips 140.
Also, the requestor w; 1.:1_ c.lae. :k t.he autr.entication certificate of t:hF.> EG'S -RS 110 t::a veri.f_y that the certificate was signed by tta.e appropriate MKS-PS 104 and that the ECS-RS 110 was gr.:inted t}te authority to function as a registration station. This process -is described in greater detail below wit:li ref:erence to Figure 8.
At the decision bloc::k 745, tiie requestor determines whether the E(~'S-RS 110 h~:us k::reen authenti,::ated and autho:rized, based on tkze chec:~. of the authentication certificates and the si_c:tnati..i.re -~) e.x-if:ic:;ation pe:rformed at the process bloc;k 744 . if t he FC'S -RS 110 has r.iot been authenticated and authorized, then the procedure of Figure 7B will advance to t.l-ae process block 739 and the registration will be abandoned. It the ECS-RS 110 has been authenticated and authorized, then the process of Figure 7B
will advance to a process block 746.
At the process b:l.oc.k. 746, 1:hF-, requestor applies its own private rekey key to tka+::~ encrypted :IKP received from the ECS-RS 110 ai-id saves the resulting keys. "I'he requestor will not give these keys to any other element. After the process block 746, the first sequence is complete.
In the second sequence, at the process block 750, the ECS-RS 110 sends a"head e.nd channel add" or an "up link add" message, a~~~ong witki tlie riew IKP, to the ECS 108. This message will also contair-z identifying information related to the head erzd :haz~nR ::t :142 oi: t::,hE,~ UL 112. This commu:ni.cation mt..zst, be e.~;.~~,yc..2:itec:z :i.r! a secure emurironment .
Preferably, the ECS-RS 110 and t.ize ECS 108 are boP::h located in the same facility, and there a:r.=e adFaquate precautions to ensure a secure envi.ronmerit õ At th- p:>,-ocess block 752, the ECS-RS 110 will destroy any copies of the IKP that it has retained. At this point, tkie Ei'S 108 and the head charinel 142 can establisli a private c:omsYrui:~.ication link using the new IKP over the line 124, or the E('S 108 and the UL, 112 carL esr.ablisi:i. s:[ px: i.vate communication :a ink using .,r) . line 132. After the the new IKP over the c:Ornmun:ic:ati.,.:

8 4' b 9) 2-process bloc}c 752, the ,.3eco:r-1c:l sequence is compl.et:e. The registration of the head E>nd channk:~~:l. 142 or the UL 112 will end at a block 754, t:rfter Df both the first and the second sequences.
Figure 7C illustrates a process performed by the ECS-RS 110 to register a decoder 116, 118, as represented by the process block 216 ir-i :E'iguse 2. This process is generally siniilar to the process :)f Figure 7A, except as indicated. The process l:)e9it-ls at, a b:i.ock 760.
At a process bl..oc.k: 762, t:.he ECS :L08 sends a"regi.ster here" message to the head eric:i 114 o-v"er the communication line 124 and to the UL 112 c)vc..:r; t;he co7nrrluni.cation line 132.
This message will contain a. t:e:tephc:,ne number for the ECS-RS
110 and information about: the location of the head end 114 or UL 112 from which the message was received. At a process block 764, the head end 114 and the UL 112 repetitively send the "~egister here" message to the decoders 116, 118 ovey. the , rTrrr:tznic:a:: i c~n lirles 134, 128, 136, 138. :In the preferred c,iYr.kaodi.rif:ant , a decoder 116, 118 that has not yet beeri :Cega.st::e:rc:.!c; ca.ranot uridex-stand any message or data that it rec:e_i.ves, excF:~pt for the "register here" message, because al.1.. ~~.)t::her ::i.ni:orrriation is (~}nc:rypted, and the decoder 116, 118 does not yet: have the necessary keys to decrypt any of the ;infc_,rmat. i.o1j..
At a process bloc.-k 766, the decoder 116, 118 establishes a telephone link wi.t.h the EC-S-RS 110 over the communication liize 130, 131 using tl-rE! telephone number obtairied from the "registe.r lrere ' message. The decoder 116, 118 sends the EC:'S .:kZ-S 110 a :r.c,_~c.li..st: rat.ion request. The decoder 116, 118 w_i_il siq,d:-i the ' reciister here" message using its own private 5ignat.ir:e }<ey. 'rh:is signed copy of the "register trere'' me:>sag,.: wi::l:l form a part. of the registration request. 'i'lle reg1.strat:ion request will also contain the aut.hentication cert.if:i..catF: of the decoder 116, 118 and the authentiua.tion certificate of the personalizatiori station 106 that personalized the decoder 116, 118. The registratiorl request wi11 also contain identification informatdLor-r ;.rbc:rut t:he dec:oder 116, 118, such ..., ~_7:,.1 ..

as a decoder serial number from a security element within the decoder box 1.16, 118. A, described above, the "register here" message c:,crita:E,rrs the ide.ntification of the head end 114 (Dr t::r.e UL 11.2 ::3e:rtd:i.ng t~.he message. The "register here" message and the decoder seri<.rl number, coupled with the telephone number from which the decoder 116, 118 calls provide sufficient information to identify the subscriber corresponding to the decoder 116, 118. The telephone number frorn wi-iic:Yi the decoder calls can be obtained, using an Aut.omatic Nurr'LbQr ldentif:i.cation (ANI) feature ofmodern te:leph.c-)r-a.e systems. I.n the :r-are cases where ANI is rrot: aRrai.l.ak,>:4_e, t:.t-ie, ;..t:.::le,:,phone number can be programmed into the sc.:.cux:-_i.t.y e:l.ement of the decoder box 116, 118, as part of a process for installing a decoder 116, 118 into a subscriber' ~-., locati_orr. The subscriber's telephone number can t.herr be inclt:rded. in the registration request. The above-descri.bed information will enable the ECS 108 to associate a part:ic-alar set of decoder box keys to a particular subscribei, t:,:-;" a1.low t.:l-.e subscriber to view the correct programs }:rYr unscrambling select::ed video signals. Alternat.ivel.y, '::.h.e_r-e are rnmc..rous other methods by which an ECS 108 can b~:~" informed as to which decoder box 116, 118 should be associatec.i with %Nh:ich subscriber. Also, some implementations of the present invention may allocate to other units of a systenl the funct.ions of determining which decoder boxes 116, 118 shvuld be a_llowed to unscramble which video signais.
At a process block 768, t:Eie ECS-RS 110 checks the authentication certif::i~~:ate the c:iecx,der 116, 118 and the PS 106. This process is r::,:~.milar tO thF> process of checking authentication certifi.cat .es of- the process block 736 in Figure 7B. This process is described in greater detail below with reference ta F:iyure 8. T:he ECS-RS 110 will also verify the signed copy of the "register here" message using the public signature verificat:iorr key of the decoder box 116, 118, obtained from ".A-ic.y at,ather:k.t.icat.ion cert:i..ficate of the decoder box 116, 118, Tih:i.s process verifieS that the decoder box 116 , 118 tr~a.:; ~::, S:ignature key that , Al --corresponds to the public 5:i.<.lnatu;c_e ,rerification key that has been indirect.ly aijthent.i.c:~ate,d by the MKS 100. At a decision block. 769, tb.e ECS-R.ti 110 determines whether the decoder box 116, 118 has beeri autYienticated and authorized, based ori the check of the authenticat::ion certificates and the signature vr:>rif i cat i+:y)ri perforriied at the process block 768. If the dec.od.ei: boy,: 116, 118 has not been authenticated and authorized, theri the proces'S will advance to a process block 771. ,N'- th:i,s point, t::he ECS-RS 110 will abandon the registration process and return to the block 760 to restart the regist:.ration process. If the decoder box 116, 118 lias been authenticat.ed and authorized theri the process will advancE:~ to ~:l pr.:>cess b1ock 770.
At the process block 770, t.he FiaC:"S-RS 110 generates a cryptographic data element. Aqazn the data element may comprise any information that c..at:i be used to e;i,;tablish a cryptographic link. In the prefer.red ernbodiment, the data element comprises ari IKF. 'ihe new 1KP will be used to establish a secure cNomrrru:a:r:ac:atvi.c.~r, link bE:-atween t1ie ECS 108 and the decoder box 116, 118. Messages between the ECS 108 and the cable decodea- box 116 can be transmitted over either of two messago paths. Fir.st, the EO>> 108 can transmit a message over the communication line 124 to the head end 114, wit'lich will then trarismit the message over communication line 134 tc,; t.ric-,. Jec,Aer box 116, 118.
Alternatively, the ECS :108 (:;lan, trarlsmit a message over communication ]_i.rre 132 t:o tl.rF '..3L 112. 7:'hen, the I:.TL 112 can transmit the message <-i.;,ong cornmuia:x..~..^at ion line 128 to the head end 114, which will then transmit the message over communication line 134 to the decoder box 116. Messages between the ECS 108 and the satellite decoder= box 118 can also be transmitted uver. ~ i.t1~E.r of twi:~) rnessage paths. In eithe:r path, the ECE; 108 w.i.l:l. t.x:ansrrlit a message over the communication line 132 to t:he. 1TL 112. Then the UL 112 will either transmit the message directly to the satellite decoder box 118 over communication i:ine 138, or it will transmit the message to the FiE 114 over communication line 128. The HE 1.14 will. therr, r--el-ay tk-ie rnE.~,ssage to t.he decoder ..~ .
-;4 ~ ..}
.J

box 118 over the comrrru.ra.:i.A:at:l.o:rz line 136. These communication paths will be we1.1 -known to a person of skill in the art.
At a process block 772, the ECS-RS 110 will encrypt the new IKP into the publ.:ic rekey key of the decoder 116, 118. The ECS-RS 110 obtains this public rekey key from the authentication c:ertificate of the decoder 116. The certificate was contained in the registration request.
At a process block 774, the t::CS--RS 110 signs the IKP
with its private signature key, and sends the encrypted IKP
along with a birth cert:ificate, to Lhe decoder 116, 118 over the communication line 130, 131. Aqain, the communication line 130, 131 need not be a secure communication link, because the only valuable information, te,:i i.r~~. r.l-ir:.: s1~k:>a ic~ rekey .=kr,-.~ of the the :IKP, .i ~'s enCryp ~. y decoder 116, 118. The b:l. z t:.h cer t::i. f: icate will contain the authentication certificate of t.he ECS-RS 110 and the authentication certificate c:Ff the MKS-P5 104. 'The birth certificate w;ili also cont_a:i..r a message indicating that the secure chip 140 of the decoder 116, 118 is authorized to operate as a decoder 116, 118.
At a process block 780, t:.:kie decoder 116, 118 will send an "CK" message to the F,t'S-Rti; 110 over the communication line 130, 131. This message indicates that the decoder 116, 118 has received the IKP. `I'r:.e decoder 116, 118 will then terminate the t: e ic~.~pkio:r1E . c:a l.:L over the comrzluriicat ion line 130, 131. After the proc:e.s.= block 780, the process of Figure 7C proceeds with a pair of step sequences that are performed in parallel., .r^, first sequence cornprises a process block 776, a decision lw>:lock. 777 and a process block 778. A second sequence comprises a process block 782 and a process block 784.
7:n the first sequence, at: the process bloc.};:. 776, the decoder 116, 118 checks the authentication certificate of the ECS-RS 110 and the MK.a-PS 104 and verifies the IKP
signature. The process of checking the authE_:nt.ication certificates is si.milar to the process of checking authentication certificates of the process block 744 in d4b;/Y

Figure 7B arid will be described in greater detail below with reference to F':igure 8.
At the decision block 777, the decoder 116, 118 determines whether the FaCS-RS 110 has been authenticated and authorized, based on the check c)f the authentication certificate and the signatlz.r.e= ve:r_ 7..f icati.on performed at the process block 776. I:k: the FCS-R~3 110 1-ias not been authenticated and author.:c_zed, t.heri the procedure, of Figure 7C will advance t.o the block 771 and the registration wil l be abandoned. it the I1~~CS- RS 110 has been authenticated and authorized, theii the process of: Figure 7C
will advance to the pr-ocess b:1.oc:k 778.
At the process block 778, the decoder 116, 118 applies its own private rekey key to dec.r.ypt tize message containing the IKP. The decoder 116, 118 t:her, saves the keys for future use in de(:rypt.:iriq Mea~SacJeS E::1iCrypt.ed by Ole ECS 108.
The decoder 116, 118 will z~:ot give any ot.her element access to these keys. After the k:lock 778, the first sequence is complete.
In the second sequence, at the, process block 782, the ECS-RS 110 sends a"decoder a.(ld" message, alonq with the new IKP, to the ECS 108. "T'his messaqe wi;a.l also contain identifying information related to ttze decoder 116, 118.
Again, this message must be c~...~mm-~a.riicated in a secure environment. Next, at:. ttie 1:):e oceas bLock 784, the ECS-RS
110 destroys any copies C)f t.;:rse IKP? Ltiat:: it tias retained.
Now the ECS 108 and the c:lec~(Dci.er :k~ca1. 116, 118 can establish a secure communication link using tYie new IKP. After the process block 784, the secorid sequerice is complete. The registration of the decoder 116, 118 w:i l l end at a block 786, after completion of both tiZe first and the second sequences.
Figure 8 illustrates the processes for checking an authentication certificate c..af both ,~ personalizing unit and a secure chip 140. The uni.t rnay k:)(-, a PS 106 or an MKS-PS 104, Ttie sec:~ux=e chip 140 rrlay be for ari MKS-RS
102, an ECS-RS 110, an FC5 108, a l.:al, 112, an HE channel 142, or a decoder 116, 118. These processes are ~4" 6 7 9 represerited by k:.he process }--docka 706, 714, 736, 744, 768 and 776 of Figure 7. 'l'hese processes will generally be similar to the processes :z_ep.r:t=~serlt(:~d by the process b:iocks 510 and 512 c>f Figu:rfa 5, ex.cep?-. as indicated. These processes will. be executed by a j,,cari fying tzriit constituting an MKS-RS 102, an ECS-RS 110, an FF"S 108, a. UL, 112, a head end channel 142, or a decoder box 116, 118.
The process for cftecki.ng the authentication certificate of a personalizing unir: begins at a block 800.
At a process block 802, the vet:,.ifyi.ng unit applies the public signature ke,/o.f MKS 100 a.nd the 1DSS to verify that the certif:icat:e was s:i.gned by t.lie MKS 100. At a decision block 804, tlxe vc::t.r.:a.fying ur--it deterrnines whether the signature verification was succe._7sfu1.. ?f not, then the verifying unit proceeds t..o a block 820. At this point, the process for checking the authentication certificate ends with an error condition. ~:f: t::he verification was successful, then the verifying unit will p-roceed to a process block 806.
At the process b:lock. 806, t:r'ie verifying unit will check the content of. t.:hE~ ~.Iur.:hrri.zJtic:)n data va:;`ue of the certificate. At a decision b1.o~.^k 808, the verifying unit will determine whether the personalizing unit was authorized to personalize the secure chip 140. If not, then the verifying uni.t will proceed to the block 820 and end the process with an er-ror, condit:'on. Otherwise, the verifying uriit will advar-zce to a. procE,ss block 810.
At the process block 810, t.7ie ver:ifying unit will compare the ef:Eec:.tive ci.ai:::e r:and t.he expirati.on date of the authentication (::!ert.i.:ti.caR:~e ~miqai.n.sr. th~+ current calendar date. At a decision b1.oc.-k. 812, t,he verifying unit will determine whether the certif icate is fresh. If not, the verifying unit will advance to tt-ze block 820 and end the process with an error conditlon. C>therwise, the verifying unit will advance to a :)..ioc..k 814. Atthis point, the process of checking the c:'c~x.`:.JILicat:.e is complet.e and the verifying unit wil1. return with nc::? error cond:ition.

Z ! d 4 As an additi rial safeguard against pirates, the registration routine of ~;G ve:ri.fyi..nv~ t.tnit can be executed by a programmable processing c,ja-~ the secure chip 140, where the program is c.ontaic~:ic:=d :i.r ROM on the secure chip 140. This will preve.nt:. a pirate from avoiding the verification process.
The process for checking the authentication certificate of the secure chip 140 of the unit that is currently being authenticated begins :-it a block 816. At a process block 818, the verify.a.t-i.g ia.r.tit app::Lies the public signature key of the person.al.a..zing UB:i.t: (obtained from the authentication cert:ifi.cat.e (Df t}iE.+ per sonalizing unit) and the DSS to verify that the cex:t:ifZ.cate was signed by the personalizing unit. At the s:ae.r_i.sion block 804, the verifying unit detertniries whether the signature verification was successful. If not, t.he verifying unit advances to the block 820 and ends the process with an error condition. Otherwise, t.he vei'ifying unit advances to the process block 806.
At the process block.. 806, t;:kte ve:rifying uiiit: checks the content of the data value in the certificate. At. the dec.isican bu_ock 808, the ve7-if_ication unit determines whether the secu.re chip 140 of the unit being authenticated has been authorized to perform the appropriate functions. If not, then the verif:ying unit advances to the block 820 and ends the process with an error condition. Otnex:-wise, ti-ie verifling unit advances to the process baock:. 810.
At the p:rocess b:lcack 810, the vex~ ifying unit compares the effective date anc::s. t.t~e :r.xpi.zation date of the certificate against the cur.rent dat.Ez. At the decision block 812, the verifying ,..zn..it rietermines whether the certificate is fresh. If not, then the verifying unit advances to the block 820 and ends the process with an error condition. Otherwise, the vei~-if ;ring unit advances to the block 814. At Z;a<:_:,i.x-Gt, f:.l-ze verifying unit has successfully compl.etec:i the r:,heclk of the ai..ithE:>nt.ication certificate and returns to ]:a::lgL.zre 7.

The method of the E..xresent: inverit::.ion will establish a number of secure c:.ommunics.t.i.on :iin:4<.s between different elements of the subscr-ibe:x: t(.:,:Lev.is:i.on system. 'The MKS 100 will have a secure link wit7i each of the ULs 112 in the system over= the c~orrimurr.icat::ion line 120. Also, the MKS 100 will have a secure comztunica.t:ion lin}~~~> with each of the ECSs 108 in the systern ovet,7 the communication line 122. The ECS 108 will have a secure communication link with the ULs 112 over the communi.cation line 132. Each of the ECSs 108 will establish a secure communication link with each of the head er7d chan_nels 142 over the communication. line 124. Eact-1 of t:Yb.e ECSs 108 in the system will establish a secure comml.:ini.c<:rt::.,c)n link with each of the cable decoder boxes 116 c:ver t::tw c:: orrcmun:icati.on lines 124 and 134, through t1ie l-iead F-~rld 114, and over the communication .1ines 132, 128 and 134 tr1rough t:he UL 112 and the head end 114. Also, e,.~c.h ol:: t:k1e F,Cs 108 in the system will establish a secur(:~, corrimunicati..on, lirik with each of the satellite decoder boxes 118 over the communicat.ion lines 132 and 138, thr(Dugh the UL 112, and over the commuriication l ines 132, 128 and 136, t Yirough ttie UI. 112 and t:lie HE 114.
Private communication messages can now be transferred across the secure communicatiori links using the keys from the IKP loaded during the regist.ra.t::.ion process.
As described above, the uplink 112 transmits video signals to the head end 114 over the communication line 128 arid to the satel.lite decloder bc)x 118 over the communication line 138. One or more c)f these vi_deo signals may be scrambled. The riead er-id 114 rn;_iy unscr amble orie (!:.:)r more of the scrambled video sign<,:tia i:.ece-,.vc_d from t:he uplink 112.
The head erid 114 will then t.ran.smi.t -video signals to the various cable decoder boxes 116 in Lhe system over the commuriication liiie 134 and to t7-ie various satellite decoder boxes 118 over the communication ,l-::i.ne 136. Orie or more of the video signals received by t-.he decoder box 116, 118 may have been scrambled either by the 1.iead end 114 or the uplink 112. The decoder box 116, 118 may unscramble one or more of the scrambled video signals that it receives.

L. d S,,,f T 4J ! r~

With the above -descri.bed secti:rP communication links, the ECS 108 can now control which channels each of the head ends 114 and each of t%-re decocier boxes 116, 118 can unscramble. The ECS 108 w:i..:1..:1. t::.ransmit, a variety of keys to the uplink 112 over tlie ~.,orurnuTI:i.Cation ~1ine 132 using the secure communication. link. The ul:.rlinh. 112 can use these various keys to scramble some or all of the video signals under the direct.ion of the ECS 108. 'T'he ECS 108 can then control whictA video signals can kDe unscrarnIz-)led by the head end 114 by only serlding t:.hc= c:rr,id 114 the keys that correspond to the scrambled video signals for which reception is authorized at t.he head end 114. These keys will be transmitted from the ECS 108 to the head end 114 over the communication 1. ira.~~~ :124 using t:lle secure communication link.
Similarly, '-he ECS 108 will ;3end a variety of keys to the head end 114 over the communication line 124 using the secure communicatiori link.. 'I4-ie head end 114 wil.i use this variety of keys ro scramble, under the direction of the ECS
108, one or more of the ,,:idc.o ,:,i.qna:i,s sent t.o the cable decoder boxes 116 over the Cc,mmux-l:i.cation lirie 134. The ECS
108 can now send selected keys t.(_) t:ze differerit decoder ..;ow tiie decoder box 116, boxes 116, 118 of tl-ie system t.o al~
118 to unscramb:le select:.ed ~ri.dE:c, s:i.c4na::i.s that have been scrambled either by the ~iplink 1.12 c,:r the head end 114.
These keys will be transmitted f::,-om the ECS 108 to the cable decoder box 116 over t.he communication line 124, through the head end 114, arid over the c,,ommunication line 134, using the secure link. Alternatively, the ECS 108 can senci t:i}e over the communication line 132, through the upl..ink 112, over the communication line 128, through the head end 114, and over the communication line 134, using the secure communication link. The ECS 108 will transmit keys to t:h.c:.a satellite d.ecoder.- box 118, over the communication line 132, th.rauc4h the uplink 112, and over the communication l.ine 138, using the secure communication link. Alternati.vel.y, the ECS 108 can send the keys over t:~he corr~mt:~r3.i.c,.ltm,i.cra 1..::i.r e 132, through the uplink 112, over the communication line 128, through the head end 114, and over the communication line 136, again using the secure communication l.irLk.
As an examplF. :)f a:ka. e,ri^~::lt::i.ement system for a subscriber television 5yst: eiri, a5si.zme a systern with video channels 2, 3 and 4ancJ ,x cable de!coder box 116 and a satellite decoder box 118. Assume that the UL 112 transmits the video signais for channels 2, 3 and 4 to the HE 114 over commun~:_cati.on. :1....i..ne 128 ind to the satellite decoder box 118 over th~, ~:~(=muni(õ,at_i.on line 138. Also, assume that the HE 114 transmits the vi.deo signals for channels 2, 3 arid 4 to the cable decoder box 116 over the communication line 134. T:xae ECS 108 may serid encryption keys A and B t::o the X7L 112 wa.th. i..n.,tructions t~::) scramble channel 2 using key A arid c:: ~ azanE ~. 3 t;Isi.ng key B. The ECS
108 may then send keys B, C ;3.nd D to the HE 114 with instructions to unscramble channe:l 3 using key B, insert some local programming inforrilatiorl, and then rescramble the video signal using k.ey~r C. '.[`he >~,t:`S 108 inay a:Lso _Lnstruct the HE 114 to scracnb.Le c.~han.nc_.-.1. 4i..xsing key D. If the subscriber wi_th the cab:h.e cI'Lecode7 box 116 has paid for channels 2 and 3, then the ECS 108 will send keys A and C
to the satellite decoder box 116 with instructions to unscramble channel 2 uaring k~~~y A~~1tzd to unscramble channel 3 using key C. If t:hc., s-Ub1Scx.i`ber with the satellite decoder box 118 has paid tcx.- channels 3 and 4, then the ECS
108 will send keys B and D to t:he satellite decoder box 118 with instructions to unscramb_Le charinel 3 usirig key B and to unscramble channe.l. 4 tis:i.ne:,7 ltiev A person of skill in t:azc.y ax.-t~ vv,,l1 u:nde:c'stan(.1 from the above disclosure which keys in an ent.a..t:l..ement system should be sent to each of the up~i.inks 112, t:o each of the head end channels 142, and to each of tize decoder boxes 116, 118 in a subscriber television ..zyst.r.:am.. A person of sk:i_11 in the art will alsc) understand t:h.f-:! type of key that should be used based on the partictz:l.a.r scrambling tec:hnique that is chosen. The preferred enbod:iLment of t:he present invention will use a di .~t:a1 scramig~~' t;ochsxiq~ae, Several of which o /*

are disclosed in the prior art:; although an analog technique could also be used.
The method of the present invention, as applied to a subscriber television system, :tor distributing keys for scrambling and unscrambling video signals is a significant advarice over existing subscriber television systems.
Existing subscriber television systems are typically implemented using decoder boxes that contain a key permanently stored therei.n. Urrlike t::.he permanerit storage of the public s ignatux-e key o:E: r_-he~ MKS 100 in the present invention, the keys st(-)red in prior art decoder boxes function as private encrypt:ion keys for the decoder box.
If a key of a decoder box is compromised, then each of the decoder boxes iri the system, relying ori that key, must be replaced. In an alternattive, design, each of the decoder boxes contains a. replacet.Yble securi.t,,r cartridge, where the key is permanently storer:i in the c::;a..r. t ridge . In this type of system, if a security key ig c,(.)1T1j:)1:or71:i.sed, then each of the security cartridges, wi1i..ccA'i col~nta..i.n t:hat key, nlust be replaced. In a subscr:iber te~levi.31o11 system incorporating the present invention, t:f':i~:=r~~ i.~> z1c~ need to have a private security key pex_-manent::l.y <xsw:,,oc i.atc,d wl.th a given decoder box. If a decoder k.,Cx rxr.zsCx:~arTrbl.irrg key has been compromised, then any dec,(.)der bo:x r..ita.:liz:ing that. specific key can have a new E,c::y t:..rarasmit:,tG.d over a secure communication link, or the decrDder box ca.n be :r. e-x:~egistered to again establish a secuz:'r:i' ;_!orcrmun.i.c~:it:ion lin.k. The re-registration pror...ess can bEa j::>erfo.>::-rned w:iwt::hout an,y hardware change, saving largFa sums ~,>f: znc:rre~'. Tn a.ddition, the capability of the presen.t inver:Gt.:i~.:,)n :r_~emotely download new keys to decoder boxes, :in.-rtead of provi(ling each decoder box with a perma.nera.t key, el..:i.mi.nates the need to track the permanent keys o:E various clecoder b,)xes at a central location. Instead, a more ~i..oca1. ECS 108 can track the downloaded keys for the decoder boxes w-Ithin its control. This feature also al:i.ows decoder boxes and other equipment to be easily transferred to other subscriber television systems using tt-ie same or a, compatible system.

d4b A person of skill. in thFa art wi-l l. be able to apply the concepts of the present invention establish different secure communication links iri dif.ferent communication systems, arld also in systems for which ~~~.ornmunicat ion is not a primary objective. Fox r.Dr-her s,,7stems, the functions of the MKS 100, the MKS--RS 102, t::Jie MKS--PS 104 and the PS 106 can remain the same, Howe%re7:-, differ=:~nt operational units wi l l generally be reqt:t:i. r. eci. . Every operat i onal unit, however, will still contain a secure chip 140. The ECS
108, the ECS-RS 110, the UL 112, t.he HE 114 and the decoder boxes 116, 118 rriay be rs:plac_.ed with c:iifferent operational units that perform the :i:equ:i..red. c,pexat;.:ican<:,1l fu:actions of the differerlt: system. H(:)we'-re:I:, eaC'pl OY the se.r:,ure chips 140 will be persona:tized t:.o the metriod of the present invention and the oper:ition.al units will be registered according to t.he method of the present invention. The functions per-tortned by these different operational units, that a:rr-:~ not related to establishing a secure cryptographic ne~t~~wor:k, %rar.y widel.y . Other systems may also usk, t:Lie:, MKS_F;S 102 to perform all registrations i.nstead of: haivi.nq :_-1 separate registration station, such as the ECS-RS 110.

APPENDIX Al Authentication Cert:ifi.catE-a for a PS, an MKS-PS or an MKS-RS
Certificate Header Certi.fa.cave ID
Issuer ID (=MKS) Issuers Certificate ID (=NULL) Effective Date Expiration Date Authorization Block Authorization WPS, MKS-PS, or MKS-RS) Authorized ID
Public Signature Kel!
Key Header Variable '."ype (=Pub:1 a_c. Signature Key) Key ID
Effective Date Expiration Dat(.::=
Public Signature Key Data Signature B:3.ock.
Public Signature Key II:7 (=~~~IKS Public Signature Key) Hash Algorithm W, Signature Algorithm ID
Signature Data APPEI.qDIX A2 Initialization Message for a PS, ari MKS-PS or an MKS-RS
Certificate Header Certificate ID
Issuer .ID (=MKS) Issuers Certificate ID (=NUT.,L) Effect::ive .Date Expiration Date Authorizati.on Block Authorization (=PS load, MKS-PS load, or MKS-RS
1 (aad;
Authorized ID
Private S:iqriatt.zre K.n Key Header Variable "11'ype ( ==Pri var_e;l Signature Key) Key ID
Eff ect ive I::)at e., Expiration Date Private Signature kCey Dara Signature Block Pub1i-c Signature K.e Yr I:D (=MKS Public S_Lgnature Key) Hash Algorithm I:,~
Signature Algorithm ID
Signature String _ur~....

Authentication Certificate for a HE, a C:)ecoder, an ECS-RS
or a UL
Certificate Header Certificate ID
Issuer ID (--PS TD) Issuers Certificate ID (=ID of PS's certificate) Effective Date Expiration Date Authorization Block Authorization ( ~-HE or Decoder) Aut:horizeci ID
Public Signature Key Key Header Variable Type (=Pub.lic Signature Key) Key ID
Effective Date Expiration Date Public Sicina.ture Key Data Public Encryption Key Variable Type (=Public Encryption Key) Key ID
Effective Date Expiration Date Public Encryption Key Data Signature B1.oc:k:.
Public Signature Key ID (=PS Public Signature Key) Hash Algorithm ID
Signature Algorithm ID
Signature Data L/

_b"7__ APPEPvr'DIX. A4 Initialization MessaqE:~ for a EIE, a Dei:..:oder, an ECS-RS or a UL
Certificate Header C e rt :i. f:: ic a t e ID
Issuer ID (=PS !D) Issuer.s Ce:r't.i.f:i.cat(:I::[:) (:::IU of PS's certificate) Effective Date Expiration Date Authorization Block Authorization i--l-iE load or Decoder load) Authorized ID
Private Signature Key Key Header Variable 'yype (=Private Signature Key) Key l::"D
Effective Date Expiration Date Private Si.gnati~rc K:ey Da1y.a Private Encryption Key Key Header Variable Type -F]x: i rat ~ Encryptic.n Key) Key ID
Effective Date Expirat::'Lor, Date Private Encryption Key Data Signature Block Public Signature }<:ey IT (- PS Public Signature Key) Hash Algorithm I:D
Signature A1goiA.t.hrri ID
Signature Data "Register Here" Message Certificate Header Certificate iD
Issuer ID (=MKS) Issue7: s Cert:ifi :,at(::^ I1:) (-=NUUL) Effective Date Expiration Date Authorization Block Aut.horizat.:i.c:iz-y. i==R.eq:i.stFar Hece) Authorized ID (NULL or specific I.D) Data Block (co.ntair-!.a.z~3.g t:1:), telephone number or network address ().f t: he F X".S -- FtIS designw~ed as the regist.ration. point for all units receiving this message).

Signature Block Public Sigriature Key ID (=MKS Public Signature Key) Hash Algorithm ID
Signature .Algox itliiTi ID
Signattzre Data 6 4 b -6.9-A
Registration Request Certificate Header Certificate ID
Issuer ID N:1:D o~~.' requesti.ng unit) Issuers Certificate ID (=ID of requesting unit's c-erta.ficare) Effective Date Expiration Dat,<~
Authorization Block Authorizat:ion ;-=Reg:istrat:ion Request) Authorization ID (ID of ECS-RS designated in register here message) Data Block (containing the register here message which stimulated thi:::, request) Signature B:I.ock Public Signature Key ID (=ID of unit requesting registrat.i. on.) Hash Algorithm ID
Signature Algoia.t..,hm ID
Signature Data d 4 b APPEI.U~DlX A7 Initial Key Package Certificate Header Certif.:.i.cate ID
Issuer ID (=RS ID) Issuers Certificate ID (=ID of RS's certificate) Effective Date Expiration Date Authorization F3lock.
Authorization (=Key Package) Authorized ID (ID of uaii.t_ authorized to load this Key Package) Encrypted Key Key Header Variable Type (-Encrypted Key Package for a spec:i. t:i.c appl i Yat icari) Key ID
Effective Date Expiration Date Decryption Algorithm ID
Decryption Key ID
Encrypted Key Data (the encrypted key data required by the specific application) Signature B1..ock Public Signature Key ID (=ECS-RS Public Signature Key) Hash Algorithm ID
Signature Algorithm ID
Signature Data APPENDIX r~~B
Field Type Definitions:
Authorization - A spec7.fic action or role the entity named in the Aui.horized ID is aut.k-iori.zed or permitted to perform. T]:ze 5ignex, Of I::'his ce:r:tificate grants this authorization by signing the certificate containing this authorization.
Authorization 91oc.k Ar.l a..1j:.hox:-ization for a named eritity to perform a part:]..cula.r a:ftion or act in a particular role.
Authorized ID - The unique identifier (i . e., name) of the entity granted. the associ.~.~ted autk-icarizati.on.
Certificate Header - A. block ot: information at the beginning of every certificate which identifies the certificate in terrns of .it:s soi.ircE::a, its pai:-en.t in a certificate chairi, arad its effdw(::~ti,re period.
Certificate - A block of information consisting of a Certificate Header, zero <<)r mox-e Author:ization Blocks, zero of more Keys (Public, Privat(-., or :Ia]r.~c.~:.ypt.ed) , ze:r^o or rnore Data Blocks, and a Signature Block. A;.l valid cex.-tificates are traceable via an authentication chain to a Masters Public Signature Key- hel.c:l. ::zn Read Only Memory (ROM) by all entities.
Certificate ID -- An identification field (e.q. serial number) unique to this certificate.
Data Block A Block oi: data byt-.e,~ with arl application specific content and mearti.ng.
Data Block Data - The information bearing portion of a Data Block Data Block Length -- 'i'iie lengt:Ya of the Data Block Data portion of a Data Block.
Decryption Algorwthm ID - A code identifying the specific decryptior:. a1c~orit::~~,:m raeeded to de<:rypt the associated Encrypted. Key Dat.c3..
Decryption Key ID - The Key I'D of the key needed to decrypt the associated Encrypted Key Data.
Effective Date - `.N--a+~~ earl.:iesa.:. c~atE~that any of the data (i . e., ai.ztho:rizat.;;.on bl.ock, keys, otraer data) 4 ba7 7~-contained in tiiis certificate may be considered valid for use by any entity receiving ~h:is cex,-t if:icate .
Encrypted Key A. black of i.i:-ifc.,rmation co,.ztaining a Key Header, a Decryption A.i..gorithm :tD, a Decryption Key ID, and Encrypted Key Data. I'ii:i.s information is sufficient for an authorized entity to dc:.crypt, the key.
Encrypted Key jData - Th~^-~ act:::.i.a.ai. key in its encrypted form. The content of this field is dependent on the Variable Type and Decryption A1.gc=rithm.
Expiratio.n Date - Tll{~ 1..x.at t:kiat any of the data (i.e., authorizat:ion bLoc:lc, l,!.eys, Eanc:i c.ai::.her data) contained in this certificate may be c~~nside;e'ed valid for use by any entity receiving this certifi-cat.e.
Hash Algorithm ID .- A code identifying the specific hash algorithm used in generating tl1-ii;~:a signature.
Issuer's CertificatE::~ :CI:? Cr~r.ti,fa,cate ID of the Public Certificate containing t1he Issuer's public Signature Key used to verify this c:ert.ifica+~~,~e and the aut-.hority to issue this type of certificat:e.
Issuer ID - The uniclue Identifier (e.g. nanle) of the entity issuing this certificate.
Key Header -- A block ol: :inlormation at the beginning of all keys con.aisti.ng c:lt a vax-i..a.b1..e Type, a Key ID, an Effective Date, and an. E.4.pa.r:at:ic}i-. Data.. This information is an information tag for t,.he key.
Key ID - A unique id.ent i f ier ( i. e., serial xlumber ) of a key.
Private Decryption K.ey - TYie p:rivR:ite decryption key is a block of information which permit.s decryption of digital data encrypted using a corresponding pi.iblic encryption key.
Included are time limit:.s c.>n. t.;he autli.ori.zed period ot= use of the key for data decrypt;iori.
Private Decryption Key Data - The actual private decryption key data. The exact forrn and coritent of this data is determined by the Variable Type.
Private Signature Ke!y .- ':I'rie pr:ivatc:, signature key is a block of informa.tion wh:i c:.n. permits generation of a ~4b, digital signature. This s:a.qnat.urE~ rtlay be verified with a corresponding public signature key.
Private Signature Key Data - The actual private signature key data. Tl-r(-- exact form arld content of this data is det.ermined by th~:^ as:.~)c,c::.at.ed. jaz:iable Type.
Public Encryption K~-~-y The encryption key is a block of information which permits encryption of data which may be decrypted only by izsing the corresponding Private decryption key. Lncluded are time limits on the authorized period of t~as e c:;:f tlle key far.. encryption.
Public Encryption Key Data - The actual public encryption key data. The exact. form and content of this data is determined by the as5ociated Variable 'Type.
Public Signature Ke~y ':i'he public signature key is a block of inf_ormation whic:,T;~ pc.~.irrAts verification of a signature generated with a rP..r. .r..espcandi ng Private Signature Key. Included are time limits on the authorized period of use of the key for sigriat:.ure veri.f:icati.on.
Publ.ic. Signat.ur.-e Key 1:7at: a T,i..te actual public signature key data. The;.~ (:zxacit: f(.:=a ai-id cor.Lter.tt of this data is determined by the associated Variable Type.
Public Signature Key :Ll.) -"Ihe Key ID of the Public Signature Key that rnust be l..ised t.::) verify this signature block.
Signature Block - A b::Lock of information located at the end of a certificate. This signature contained in this block covers all of certificate except for the Signature Date.
Signature Algorithm ]:L) A r.,c:>de identifying the specific digital signature algorithm used to generate the Signature String contained within this Signature Block.
Signature Data - The acttzal ~:7.igita1. signature data.
The exact form and, cont.en.t is det..,ermi:tized by the Signature Algor.i_thm within the Signature BLat,:-k..
Variable Type - A code which d.efiries the type of a key (e.g., public si.gnature :kE.y, Priviite encryption key, DES
encryption/decryptior:i. key, etc . ) .

Claims (18)

1. A method of establishing a cryptographic link between a registration station (rs) and an operational unit (ou) of a cryptographic system, said system comprising said rs, said ou, a master key station (mks) and a personalization station (ps), said method comprising the steps of:
(a) initializing said mks and said ps by a method comprising the steps of:

providing said mks with an encryption/decryption key pair consisting of an mks public signature key and an mks private signature key;

providing said ps with an encryption/decryption key pair consisting of a ps public signature key and a ps private signature key;

providing said ps public signature key to said mks;

providing said mks public signature key to said ps;

creating a ps certificate in said mks by a method comprising the steps of:

creating a message containing said ps public signature key and an authorization for said ps to personalize said ou; and signing said message with said mks private signature key to create said ps certificate; and communicating said ps certificate from said mks to said ps;

(b) personalizing said rs by a method comprising the steps of:
communicating a first copy of said ps certificate to said rs;

generating, in said ps, an encryption/decryption key pair for said rs consisting of an rs public signature key and an rs private signature key;
securely communicating said rs private signature key from said ps to said rs;

deleting said rs private signature key from said ps;
creating an rs certificate in said ps by a method comprising the steps of:
creating a message containing said rs public signature key; and signing said message with said ps private signature key to create said rs certificate; and communicating said rs certificate from said ps to said rs;

(c) personalizing said ou by a method comprising the steps of:

communicating a second copy of said ps certificate to said ou;

providing said mks public signature key to said ou;
verifying in said ou that said second copy of said ps certificate was signed by said mks by applying said mks public signature key;
verifying in said ou that said second copy of said ps certificate authorizes said ps to personalize said ou;

generating an encryption/decryption key pair in said ps for said ou, said encryption/decryption key pair comprising an ou public encryption key and an ou private decryption key;
securely communicating said ou private decryption key from said ps to said ou;
deleting said ou private decryption key from said ps;
creating in said ps an ou certificate for said ou by a method comprising the steps of:
creating a message containing said ou public encryption key; and signing said message with said ps private signature key to create said ou certificate for said ou; and communicating said ou certificate from said ps to said ou; and (d) registering said ou with said rs by a method comprising the steps of:
communicating said ou certificate to said rs;
communicating said second copy of said ps certificate to said rs;
providing said mks public signature key to said rs;
verifying in said rs that said second copy of said ps certificate was signed by said mks by applying said mks public signature key;
verifying in said rs that said ou certificate was signed by said ps by applying said ps public signature key, said ps public signature key having been obtained from said second copy of said ps certificate;
communicating said rs certificate to said ou;
communicating said first copy of said ps certificate to said ou;
verifying in said ou that said first copy of said ps certificate was signed by said mks by applying said mks public signature key;

verifying in said ou that said rs certificate was signed by said ps by applying said ps public signature key, said ps public signature key having been obtained from said first copy of said ps certificate;

generating in said rs a cryptographic data element for said ou;

encrypting said private encryption key in said ou public encryption key, said rs having obtained said ou public encryption key from said ou certificate;
communicating said cryptographic data element, encrypted in said ou public encryption key, from said rs to said ou; and decrypting in said ou said private encryption key by applying said ou private decryption key.

2. The method of Claim 1, wherein said cryptographic system comprises a communication system.

3. The method of Claim 2, wherein said communication system comprises a subscriber television system.

4. The method of Claim 1, wherein said rs and said ou each comprise a secure chip, said secure chip comprising a programmable processor and a read-only memory, said read-only memory containing said mks public signature key.

5. The method of Claim 4, wherein said steps of verifying in said ou that said second copy of said ps certificate was signed by said mks and of verifying in said ou that said second copy of said ps certificate authorizes said ps to personalize said ou are accomplished by said programmable processor of said secure chip executing a program in said read-only memory of said secure chip.

6. The method of Claim 4, wherein said message created during said method of creating said ps certificate additionally contains an effective date and an expiration date for said ps certificate, wherein said read-only memory of said secure chip additionally contains a manufacturing date code, and wherein said method for personalizing said ou additionally comprises the step of:

verifying in said ou that said manufacturing date code in said read-only memory of said secure chip is between said effective date and said expiration date for said ps certificate.

7. A method of using a first unit and a fourth unit to establish a cryptographic link between a second unit and a third unit of a cryptographic system, said second unit and said third unit being connected by a communication link, said method comprising the steps of:

generating a public key pair comprising a first public key and a corresponding first private key, said first public key being stored in said first, second, and third units;
generating in said fourth unit a second public key pair comprising a second public key and a second private key;

generating a certificate in said fourth unit comprising a statement of authorization designating said first unit as authorized to generate a third public key pair;

digitally signing said certificate in said fourth unit using said first private key;

securely communicating said digitally signed certificate to said first unit;
generating in said first unit said third public key pair consisting of a third public key and a third private key;

securely communicating said third private key and said digitally signed certificate from said first unit to said second unit;

applying said first public key to said certificate to verify that said certificate was signed by said fourth unit;

reading a message in said certificate to determine whether said first unit has been authorized to provide said public key pair; and, deleting said third private key from said first unit;

communicating said third public key to said third unit; and communicating private messages from said third unit to said second unit using said third public key pair.

8. The method of Claim 7, wherein said cryptographic system comprises a communication system.

9. The method of Claim 8, wherein said communication system comprises a subscriber television system.

10. The method of Claim 7, wherein said second unit comprises a secure chip, said secure chip comprising a programmable processor and a read only memory, said read only memory containing said first public key.

11. The method of Claim 10, wherein said certificate additionally contains an effective date and an expiration date for said certificate, wherein said read-only memory of said secure chip additionally contains a manufacturing date code, and wherein said reading step additionally comprises the step of:
verifying that said manufacturing date code in said read-only memory of said secure chip is between said effective date and said expiration date for said certificate.

12. The method of Claim 11, wherein said reading step is implemented in a program in said read-only memory of said secure chip and wherein said program in said read-only memory is executed by said programmable processor in said secure chip.

13. The method of Claim 7, wherein said third public key pair is suitable for providing and analyzing digital signatures.

14. The method of Claim 7, wherein one of said private messages comprises a cryptographic data element.

15. A first unit of a public key cryptosystem, said public key cryptosystem comprising said first unit, a second unit, a third unit and a trusted authority, said trusted authority authorizing said third unit to provide said first unit with a public key and a corresponding private key, said third unit generating said public key and said private key for said first unit, said first unit comprising a communication circuit for establishing a cryptographic link with said second unit by providing said second unit with said public key from said third unit, said communication circuit comprising a secure circuit, said secure circuit containing a program for determining whether said third unit has been authorized by said trusted authority to provide said public key and said private key, said communication circuit receiving said private key from said third unit only after said secure circuit has executed said program to determine that said third unit has been authorized by said trusted authority to provide said public key and said private key.

16. The first unit of Claim 15, wherein said secure circuit comprises a secure integrated circuit, wherein said secure integrated circuit comprises a programmable processor and a read-only memory, wherein said read-only memory contains said program, and wherein said program is executed by said programmable processor.

17. The first unit of Claim 15, wherein said first unit functions primarily as a communication unit.

18. A cryptographic system comprising a first unit, a second unit, a third unit, and a fourth unit, said first and second units communicating securely by utilizing at least one cryptographic data element, said cryptographic data element being generated by said third unit, said third unit communicating said cryptographic data element to said first and second units, and also communicating to said second unit an authorization certificate received from said fourth unit, such that said second unit verifies that said third unit has been authorized by said fourth unit to generate said cryptographic data element.