| 摘要 |
1. A method to check the integrity and the authenticity of a set of data received (M1 to Mn) by a pay-T.V. decoding unit, consisting of a decoder (IRD) and a security unit (SC), and also by a means of communication (NET, REC) with a control center, wherein said method comprising calculation of a check information (Hx) which is representative of the result of a mono-directional and collision-free function, carried out on all or only a part of the data (M1 to Mn) characterized in that it provides for the following operations: - transmitting the check information (Hx) to the security unit (SC) and ciphering the check information (Hx) with a first cipher-key (k1); - sending the ciphered control information k1 (Hx) to the control center; - deciphering of the ciphered check information k1(Hx) by the control center and comparing it with a reference value of the check information (Hy); - transmitting the control data (R) including the result of the comparison in a ciphered form to the security unit (SC); - deciphering of the ciphered result of the comparison by the security unit (SC) and informing the decoder (IRD) of the validity of the data (M1 to Mn). 2. A method according to claim 1, characterized by the fact that the control center sends the reference value in a ciphered form k2 (Hy) with the control data (R) to the security module (SC). 3. A method according to claims 1 and 2, characterized by the fact that the calculation is carried out in the decoder (IRD), with the result being transmitted to the security unit (SC). 4. A method according to claims 1 to 3, characterized by the fact that the calculation is carried out in the security unit (SC), and the data (M1 to Mn) is transmitted from the decoder (IRD) to the security unit (SC). 5. A method according to claims 1 to 4, characterized by the fact that it consists of including a utilization describer (D) for the data (M1 to Mn) in the control data (R), deciphering the control data (R) and transmitting the describer (D) to the decoder (IRD) if the result of the comparison is positive, processing the data (M1 to Mn) by the decoder (IRD) according to the guidelines contained in the describer (D). 6. A method according to claims 1 to 5, characterized by the fact that the data (M1 to Mn) is accompanied by validity information (CRC, CS, H) for the said data, and wherein the security module (SC) transmits to the decoder the information to use or not this validity information to check the data (M1 to Mn). 7. A method according to claim 1-3, characterized by the fact that this validity information is of the type CRC (cyclic redundancy code), CS (checksum) or Hash (a so-called mono-directional and collision-free function). 8. A method according to claims 1 to 7, characterized by the fact that it includes a global check information (H'y) in the control data (R) which is representative of a result of a mono-directional and collision-free function, carried out on all or only a part of the global data (MO to Mm); this data is the same as, or includes, the data received (M1 to Mn). 9. A method according to claim 8, characterized by the fact that the control data (R) includes a warranty that certifies the broadcaster of the data (M1 to Mn). 10. A method according to claim 8, characterized by the fact that it consists of calculating periodically, or when requested, the value (H'x) representative of the result of a so-called mono-directional and collision-free function, carried out on all or only a part of the global data (MO to Mm), with the security unit (SC) comparing the result (H'x) with the reference value (H'y). 11. A method according to claim 10, characterized by the fact that the calculation is carried out by the decoder (IRD), with the result of the calculation (H'x) being transmitted to the security unit (SC). 12. A method according to claim 10, characterized by the fact that the calculation is carried out by the security unit (SC), with the data (MO to Mm) being transmitted from the decoder (IRD) to the security unit (SC). 13. A method according to claims 10 to 12, characterized by the fact that the periodic calculation is carried out on request from the control center, from the security unit, from a test unit (TEST) or from one of the means of communication (NET, REC). 14. A method according to claims 10 to 13, characterized by the fact that the result of the comparison is transmitted in a subscriber generated message common to the functioning of the system. 15. A method according to claims 10 to 13, characterized by the fact that the value calculated (H'x) is transmitted to the control center inside subscriber generated messages common to the functioning of the system, with each message containing a part of the value calculated (H'x). 16. A method according to one of the preceding claims, characterized by the fact that the transmission to the control center is carried out in deferred mode, according to a timetable defined in a pseudo-random manner within predefined limits. 17.A method to check the integrity and the authenticity of a set of data (M1 to Mn) memorized inside a data storage unit connected with a security unit (SC) including the following steps: - transmission from the storage unit to the security unit (SC) of the control data (R1) including ciphered reference check information k1(Hy) representative of the result of a mono-directional and collision-free function, carried out on all or only a part of the data (M1 to Mn); - calculation of check information (Hx) which is representative of the result of a mono-directional and collision-free function, carried out on all or only a part of the data (M1 to Mn); - comparison of the calculated value (Hx) with the deciphered reference value (Hy) by the security unit (SC) and transfer of the management data (R2) including the result of the comparison to the storage unit. 18. A method according to claim 17, characterized by the fact that the calculation is carried out by the storage unit, with the result of the calculation (Hx) being transmitted to the security unit (SC). 19. A method according to claim 17, characterized by the fact that the calculation is carried out by the security unit (SC), with the data (M1 to Mn) being transmitted from the storage unit to the security unit (SC). 20. A method according to claims 17 to 19, characterized by the fact that it includes, inside the control data (R1). a utilization describer (D) for the data (M1 to Mn); and if the result of the comparison is positive, sends the utilization describer (D) back to the storage unit in a deciphered form, to process the data (M1 to Mn) by the storage unit according to the guidelines contained in the describer (D). 21. A method according to claim 20, characterized by the fact that the control data (R1) further includes a warrant that certifies the broadcaster of the data (M1 to Mn). 22. A method according to claims 17 to 21, characterized by the fact that it consists of calculating periodically, or when requested, the values (Hx) representative of the result of a so-called mono-directional and collision-free function, carried out on all or only a part of the data (M1 to Mm), with the security unit (SC) comparing the result (Hx) with the reference value (Hy). 23. A method according to claims 17 to 22, characterized by the fact that it consists of: - storage of the data (M1 to Mn) in a ciphered form; - transmission to the security unit (SC) in the control data (R1) of a deciphering key (k3) for the data (M1 to Mn). - If the result of the comparison Hx and Hy is positive, deciphering of the data (M1 to Mn) with the use of the cipher-key (k3). 24. A method according to claim 23, characterized by the fact that the deciphering operation of the data (M1 to Mn) is carried out by the storage unit, the deciphering key (k3) being transmitted by the security unit (SC). 25. A method according to claim 23 characterized by the fact that the deciphering operation of the data (M1 to Mn) is carried out by the security unit (SC), the data (M1 to Mn) being transmitted from the storage unit to the security unit (SC). 26. A method according to claims 17 to 25 characterized by the fact that it includes, inside the control data (R1), a utilization describer (D) for the data (M1 to Mn), to decipher the control data (R1) and transmit the describer (D) to the storage unit if the result of the comparison is positive, to process the data (M1 to Mn) by the storage unit according to the guidelines contained in the describer (D).
|
