摘要 |
A system for restricting access to transmitted programming content is disclo sed, which transmits a program identifier with the encrypted programming content. A set -top terminal or similar mechanism restricts access to the transmitted multimedia information using s tored decryption keys. The set-top terminal preferably receives entitlement information periodicall y from the head-end, corresponding to one or more packages of programs that the customer is entit led to for a given period. Each program is preferably encrypted by the head-end server prior to transmi ssion, using a program key, KP, which may be unique to the program. The set-top terminal uses the r eceived program identifier, p, together with the stored entitlement information, to derive t he decryption key necessary to decrypt the program. Each of the k-bit program keys, KP, used to encrypt tra nsmitted programs is a linear combination of a defined set of k-bit master keys, ml .... mn. The he ad-end server preferably generates a new set of master keys for the matrix, M, once per billing perio d. Since each program key. KP, is a linear combination of the set of master keys, M, a customer desirin g r programs, obtains access to the smallest linear subspace of programs, U, that contains those r programs. In addition, a package consists of (2i - 1) program identifiers for some i less than n, whi ch need not all be assigned to programs. An optional check matrix, C, allows the set-top terminal to det ermine, in advance, whether a received program is in the entitled subspace, U. |