초록 ▼

The present invention relates to a method for creating and managing a local area network including at least one device for reproducing an encrypted data flow and a device for transmitting and re-encrypting all or part of said encrypted data, which devices include security modules. The method include

The present invention relates to a method for creating and managing a local area network including at least one device for reproducing an encrypted data flow and a device for transmitting and re-encrypting all or part of said encrypted data, which devices include security modules. The method includes the steps of connecting a so-called master security module in one of the devices connected to the local area network, causing the master security module to generate a network key, securely transmitting the network key to one or more so-called user security modules, decrypting the data encrypted by the transmission and re-encryption device, re-encrypting the data with said device by means of a local key, transmitting the re-encrypted data to the reproduction device, and holding the reproduction device to perform decryption using the user security module associated therewith and provided with means for locating the local key.

대표청구항 ▼

The invention claimed is: 1. A method for creating and managing a local network, the local network including at least one restitution device for receiving an encrypted data stream and at least one diffusion and re-encrypting device for transmitting all or part of the encrypted data stream to the re

The invention claimed is: 1. A method for creating and managing a local network, the local network including at least one restitution device for receiving an encrypted data stream and at least one diffusion and re-encrypting device for transmitting all or part of the encrypted data stream to the restitution device, the at least one restitution device and the at least one diffusion and re-encrypting device including at least one security module, the method comprising during an initialization stage: connecting a master security module to one of the at least one restitution device and the at least one diffusion and re-encrypting device connected to the local network, establishing a network key by the master security module, and securely transmitting the network key over the local network to the at least one security module included in the at least one restitution device and the at least one diffusion and re-encrypting device, wherein when the master security module is connected to the at least one restitution device, the network key is securely transmitted to the at least one diffusion and re-encrypting device, and when the master security module is connected to the at least one diffusion and re-encrypting device, the network key is securely transmitted to the at least one restitution device, and while receiving the encrypted data stream: decrypting the encrypted data stream by the at least one diffusion and re-encrypting device, re-encrypting the decrypted data stream by the at least one diffusion and re-encrypting device using a local key, the local key being a session key that is generated by the at least one diffusion and re-encrypting device and that is encrypted by the network key, transmitting the re-encrypted data stream to the at least one restitution device, and decrypting the received encrypted data stream by the at least one restitution device using the associated security module, the associated security module including means to decrypt the local key using the network key. 2. The method for creating and managing a local network according to claim 1, wherein the local key is a randomly generated session key encrypted by the network key. 3. The method for creating and managing a local network according to claim 1, wherein the local key is the network key. 4. The method for creating and managing a local network according to claim 1, wherein the network key is established by a pseudo-random generation of the network key during the initialization of the local network. 5. The method for creating and managing a local network according to claim 1, wherein the network key is established during an initialization step of the master security module. 6. The method for creating and managing a local network according to claim 1, wherein the master security module is placed in a removable security module. 7. The method for creating and managing a local network according to claim 6, wherein the removable security module includes a user module forming part of the network administrated by the master security module. 8. The method for creating and managing a local network according to claim 1, wherein the associated security module is in the form of an electronic circuit mounted during the manufacture of the restitution device. 9. The method for creating and managing a local network according to claim 1, wherein the associated security module is in the form of a removable security module. 10. The method for creating and managing a local network according to claim 1, wherein the at least one diffusion and re-encrypting device includes a converter module, and wherein the converter module receives and stores an identifier of the master security module that created the local network, and the converter module re-encrypting data pertaining to the local network. 11. The method for creating and managing a local network according to claim 10, wherein the identifier of the master security module is transmitted to a management center during a connection step to the management center.