DOCSLIB.ORG

Conditional Access and Encryption Options for Digital Compression Systems

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Conditional Access and Encryption Options for Digital Compression Systems CONDITIONAL ACCESS AND ENCRYPTION OPTIONS FOR DIGITAL COMPRESSION SYSTEMS 1V/COM Intemational 16516 Via Esprillo San Diego, CA 92127 Tony Wechselberger Executive Vice President Abstract Many methodologies have been developed for terrestrial, satellite and The development of digital cable distribution for both broadcast transport of television signals marks a and point-to-point applications. change from traditional approaches for "secure" distribution using analog For entertainment scrambling technology. The aU-digital distribution, true encryption nature of these signals makes hard techniques were introduced in the encryption of aU program services and early 1980's. Since that time there network information possible, and thus has been a steady increase in the our expectations for good security adoption of encryption techniques, performance over long periods of time leading (eventually) to a better in future digital compression systems awareness in, and utility of proper is high. application of cryptographic technology. At the same time there is much effort today to standardize elements Except for very high cost and subsystems of this new systems that could afford total technology, such that maximum digitization of the audio and video benefits accrue from interoperability material, virtually all existing with related developing technologies systems have employed techniques and markets. This paper discusses the that use the "randomizing" issues surrounding encryption in capabilities of encryption to digital compression systems, and deterministically "scramble" analog explores the possibUities for encryption program components, and reorder or standardization in certain areas of the otherwise reassemble these transport level. Included are comments components at the receiving end. on replaceable "Smart Card" and Examples of this are line shuffling, "Processor Card" approaches and cut-and-rotation, and random benefits. inversion of video. The fundamentally analog INTRODUCTION nature of the above randomizing approaches has problems. For The consumer and commercial example, in most implementations business and entertainment (but not all) enough recognizable television industries have now some information remains in the received twenty years of experience in the programming to sometimes not design, fielding and operation of satisfy desired requirements of a privacyI conditional access systems. good conditional access security 1993 NCTA TECHNICAL PAPERS -- 144 system-namely that the scrambled positive and negative reactions information contain no useful throughout the operator /user base. remnants of its original form, and In addition the esoteric nature of that reconstruction of the signal not cryptographic technology, in be possible by examination of the combination with the veil of secrecy scrambled waveform alone. (For a that surrounds most products tends good treatise on desirable attributes to shroud reality from view. The of security systems, see reference [1].) result is that decisions regarding the whole subject become driven in part In addition, the ways in which by sound technical judgments and the need for security systems part by emotion. developed and solutions evolved have resulted in a plethora of different The very mention of systems which are not only "standardized conditional access" in incompatible with each other, but the wrong circles will frequently be also with other types of equipment met by cries of eventual disaster. Yet used at the source, transit, storage many who have studied the issue or display chain. (Most obviously from a neutral position have evidenced by the consumer concluded that when theory and environment situation, and the experience are applied properly, there resultant quagmire of "opportunities" are indeed procedures and structures to be solved there.) that can be implemented to provide some basis of commonality in future Today we find ourselves at the generation systems. Note the many crossroads of a technological digital non-military implementation revolution: one where participation standards used by the U.S. in going forward forces decisions to government and the longevity of the be made that involve significant DES algorithm, for example. departures from previous generation technology. This change begs the The motivation for the examination of opportunities to consideration of standardization attain improvements over the current develops primarily from compatibility situation in several areas, such as and interoperability issues. More and consumer friendliness, compatibility more relationship and and interoperability, improved interdependency exists today between security, ... all topics where some heretofore unrelated markets. This degree of standardization has trend will dramatically expand. The important potential. One of the more merging of the television and controversial areas is computer industries into a standardization of conditional "multimedia environment" is in the access. The all-digital nature of sights of many wishing to put to use compression systems provides at the broadband highways that lie in least the technical opportunity for our future. The growth accomplished future-friendly advances in this area. by these new markets will be throttled by interoperability issues. STANPARDIZATION Surrounding digital compres­ sion developments are significant The experiences of our industry efforts to define standards. Driven with encryption products over the primarily through the International past decade has left a trail of both Standards Organization (ISO), the 1993 NCTA TECHNICAL PAPERS -- 145 global unification of digital television stream will be "packetized"; that is, program generation, editing, storage, consist of packets of data (sizes of retrieval, transport and display is the packets are in the 130 byte to leading to a set of agreed upon 192 byte range) containing digital methodologies for audio and video information from a single elementary compression, and transport of stream or data type. The packets will complex multiplexes of associated each be preceded by a "header" of up data and ancillary digital services. to 4 bytes of packet-specific These standards, known as information such as packet ID, "MPEG-2," cover the primary areas of clearI scrambled indicator, even/ odd audio compression, video key, continuity counter and other compression and transport. They will information. The "generalized" digital serve as the guides to intemational nature of these packets makes for utility of future systems for most very flexible opportunities in the area indus trial and consumer of encryption and conditional access, applications. and the packets can be easily and singularly protected (scrambled) In the transport area, the work throughout their distribution and has led to the development of a routing "life." working draft which defines: In order for the digital • Program Stream-A grouping of television market to fully and freely audio, video and data elemental develop, it is very important not only components having a common that specific audio and video time relationship, and being compression techniques be codified, generally "associated" for delivery, but this transport area as well. The storage, playback, etc. requirements vary greatly between various applications for digital • n-ansport Stream-A collection of storage media (DSM) and direct program streams or elementary broadcast satellite (DBS), for streams (video, audio, data) which example. Yet it is essential that easy have been multiplexed in a non­ movement between such mediums be specific relationship for purposes available. Many factors come into of transmission. play, such as timing, program stream reconstruction, synchronization, While discussions are de I remultiplexing, (re)packetizing, continuing at the time of this and of course the need for encryption writing, these "system layer" efforts in certain applications. are aimed at providing a basic data structure, the "semantics and It has been an objective of the syntax" of a data stream, that can ISO systems working group to limit serve as a common format for local the extent of "specification" to a and broadcast transmission. minimum ... to defme only as much as is generally agreed to provide Entities working within the meaningful interoperability. The ISO MPEG-2 System Layer Group remainder of this paper discusses the have agreed to a number of basic implications of encryption on structural elements that are expected interoperability, and the issues to become part of the system layer regarding separation of systems and syntax. Fundamental to this long term security. structure is that the transport 1993 NCTA TECHNICAL PAPERS -- 146 CONDITIONAL ACCESS video/sound/data service (i.e. RECOMMENDATIONS television program or service) in order to prevent unauthorized Both the European (through reception of the information in a the CCIR) and the North American clear form. The alteration is a (primarily through the ATSC) specific process under the control communities have considered the of the conditional access system issues surrounding conditional (sending end). access standardization, and both have extensive expertise and • Access Control-The function of experience in the subject matter. The the conditional access control at conclusions and recommendations of the sending end is to generate the both groups are very similar [1].(2]; scrambling control signals, and that: the provision of information to enable authorized users to conditional access systems can be
Load more

Recommended publications
  • Tuesday 13 November 2007
    Tuesday 13 November 2007 RE: Response to the proposed BSkyB digital terrestrial television services consultation I wish to start by personally thanking you for allowing me to respond to the plans that British Sky Broadcastings plans to launch their Picnic platform on Digital Terrestrial Television, including the launch of the following services: z Sky Sports One; z A children's channel/Sky Movies SD One; z A factual channel/Sky News/Sky One; z Sky News (if BSkyB is given permission to launch a fourth service on DTT using MPEG-4 encoding); z Broadband up to 16Mbps and a telephony service. I wish to begin by giving an idea of my thoughts on the proposal by BSkyB before I answer the questions in the consultation document. Introduction 1. Regarding the use of by BSkyB and NDS Group, the VideoGuard conditional access technology for its pay television services. According to the press release that was released by BSkyB on the 8th of February 2007,1 the service will use a highly secure conditional access system similar to the one BSkyB uses for its digital satellite services, Sky Digital and FreesatFromSky. I also understand that Sky has also stated that viewers will require a new set-top-box to access the new service. In the past, since the launch of the Sky satellite television service in February 1989 via the Astra satellite, BSkyB have always used NDS Group technology to encrypt and protect their own branded services, with both the VideoCrypt and VideoGuard conditional access systems for their Sky analogue and digital satellite services respectively.
    [Show full text]
  • Study on the Use of Conditional Access Systems for Reasons Other Than The
    Study on the use of conditional access systems for reasons other than the protection of remuneration, to examine the legal and the economic implications within the Internal Market and the need of introducing specific legal protection Report presented to the European Commission by N. Helberger N. A. N. M. van Eijk P. B. Hugenholtz Institute for Information Law (IViR) University of Amsterdam Preface The study, commissioned by the Directorate-General for Internal Market and Financial Services (DG XV) of the Commission of the European Community, offers an analysis of the use of conditional access systems for other reasons than the protection of remuneration interests. The report also examines the need to provide for additional legal protection by means of a Community initiative, such as a possible extension of the Conditional Access Directive. The report will give a legal and economic analysis of the most important non- remuneration reasons to use conditional access (CA), examine whether services based on conditional access for these reasons are endangered by piracy activities, to what extent existing legislation in the Member States provides for sufficient protection, and what the possible impact of the use of conditional access is on the Internal Market. Furthermore, the study analysis the specific legislation outside the European Union, notably in Australia, Canada, Japan and the US, as well as the relevant international rules at the level of the EC, WIPO and the Council of Europe. This study was written by Natali Helberger and Dr Nico A. N. M. van Eijk at the Institute for Information Law (IViR), University of Amsterdam under the supervision of Professor P.
    [Show full text]
  • Tr 101 532 V1.1.1 (2015-02)
    ETSI TR 101 532 V1.1.1 (2015-02) TECHNICAL REPORT End-to-End Network Architectures (E2NA); Mechanisms addressing interoperability of multimedia service and content distribution and consumption with respect to CA/DRM solutions 2 ETSI TR 101 532 V1.1.1 (2015-02) Reference DTR/E2NA-00004-CA-DRM-interop Keywords CA, DRM, interoperability, terminal ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N° 348 623 562 00017 - NAF 742 C Association à but non lucratif enregistrée à la Sous-Préfecture de Grasse (06) N° 7803/88 Important notice The present document can be downloaded from: http://www.etsi.org/standards-search The present document may be made available in electronic versions and/or in print. The content of any electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at http://portal.etsi.org/tb/status/status.asp If you find errors in the present document, please send your comment to one of the following services: https://portal.etsi.org/People/CommiteeSupportStaff.aspx Copyright Notification No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm except as authorized by written permission of ETSI.
    [Show full text]
  • Conditional Access and Digital Television
    Conditional access and digital television Research Paper 96/49 12 April 1996 The phrase "conditional access" is used to describe the systems by which subscription television companies, such as BSkyB, control viewers' access to different programmes and channels so that only those who have paid the appropriate charges can actually watch the services. This paper examines the Government's proposals for regulating conditional access services in light of EC directive 95/47/EC on television standards. This paper accompanies Research Paper 96/48 on the Broadcasting Bill [H.L.] [Bill 88 1995/96]. William Lea Science and Environment Section House of Commons Library Library Research Papers are compiled for the benefit of Members of Parliament and their personal staff. Authors are available to discuss the contents of these papers with Members and their staff but cannot advise members of the general public. CONTENTS Page I Introduction 5 A. Overview 5 B. What is conditional access? 6 C. Conditional access and subscriber management systems in the UK 7 D. Why is conditional access important? 10 E. Possible solutions 11 II EC directive 95/47/EC on television standards 13 A. History of proposals 13 B. Main provisions of directive 95/47/EC 15 C. European DVB group and the common interface 19 III Government policy document on digital terrestrial broadcasting 21 A. Introduction 21 B. BBC's response 22 C. ITV's response 22 D. BSkyB's response 24 E. ITC's response 25 F. Oftel's response 25 G. DNH's summary of responses 26 IV DTI consultation paper on the regulation of conditional access 27 A.
    [Show full text]
  • Cisco D9854-I Advanced Program Receiver Data Sheet
    Data Sheet Cisco D9854-I Advanced Program Receiver Product Overview The Cisco® D9854-I Advanced Program Receiver (Figure 1) is designed for satellite and terrestrial content distribution applications requiring Digital Video Broadcasting - Satellite (DVB-S), Digital Video Broadcasting - Satellite - Second Generation (DVB-S2) and IP reception capabilities with advanced digital outputs for digital tier program distribution. A built-in decoder can decode an MPEG-2 or MPEG-4 Advanced Video Coding (AVC) high definition (HD) program for analog monitoring, or a standard definition (SD) down-conversion for composite. MPEG-2 or MPEG-4 AVCSD programs can also be decoded for analog and SDI output. D9854-I comes with RF, ASI and MPEGoIP input combined with a high-quality SDI or HD-SDI output and optional MPEGoIP output. Figure 1. Cisco D9854-I Advanced Program Receiver Digital Program Distribution The Asynchronous Serial Interface (ASI) transport output or the MPEGoIP output (licensed option) provides a number of output modes and can carry a decrypted program for digital tier distribution. This capability helps ensure that compressed video programs are efficiently distributed to households equipped with digital set-top boxes. Digital Program Mapping Digital Program Mapping allows programmers to “transparently” substitute programs at the uplink. It maintains predictable and compliant transport output during service replacement, network information table (NIT) retuning, and channel changes, including forced tuning. This feature remaps the packet identifier (PID) information from the primary service to an alternate service, allowing downstream devices to continue to operate without headend operator intervention. This helps ensure availability of alternate programming in the digital tier.
    [Show full text]
  • DTA-3050 User Manual
    TA 3050 10 Port ASI / IP Multiplexer and Media Router USER GUIDE www.adtecdigital.com Table of Contents Product Overview.......................................................................................................................................................................1 Introduction - About Digital Turn Around........................................................................................................................1 Applications.............................................................................................................................................................1 Benefits of an Adtec Digital Turn Around Router....................................................................................................1 About Your Purchase.....................................................................................................................................................2 Hardware Specification & Requirements.................................................................................................................3 Front Panel.....................................................................................................................................................................3 Front Panel Features:..............................................................................................................................................3 Back Panel..............................................................................................................................................................3
    [Show full text]
  • DRM — “Digital Rights” Or “Digital Restrictions” Management?
    DIGITAL RIGHTS MANAGEMENT DRM — “digital rights” or “digital restrictions” management? Richard Leeming Red Bee Media If correctly applied, DRM can be likened to a motorway, providing a seamless high- speed route to content, enabling people to get the content they want, where they want it, quickly and easily. However, if badly applied, heavy handed and overly restrictive, DRM is more like a traffic jam – denying people access to the content they want and crucially denying rights-holders the revenue they want. This article looks at some of the proprietary DRM systems currently available and argues that we need to start thinking hard about when and how we apply DRM to our precious content. In 2006, music lovers worldwide have been celebrating the 250th anniversary of Mozart’s birth. Although he only lived for 35 years, Mozart composed more than 600 pieces of classical music – most of which are still hugely popular today. But it’s perhaps something of a surprise to discover that one of the key moments of Mozart’s early career would today count as piracy and be prevented by digital-rights technology. As a 14-year-old, Mozart travelled to the Vatican and heard Gregorio Allegri’s Miserere. This piece of music had long been closely guarded by the Vatican and it was forbidden to transcribe it: if you did, you would be excommunicated. Whether Mozart knew this is unknown but, having heard it once, he transcribed it from memory and it became published in London, thus breaking the Vatican’s ban. This is perhaps one of the earliest-known examples of content rights management being overturned.
    [Show full text]
  • Press Release
    PRESS RELEASE DVB AGREES FINAL ELEMENTS OF CONDITIONAL ACCESS PACKAGE Frankfurt, 7 March 1995 - The Steering Board of the European Project Digital Video Broadcasting (DVB), under the chairmanship of Mr Peter Kahl, adopted during its 9th meeting the specification for a “Common Interface for Conditional Access and Other Applications in Digital Video Broadcasting Decoders”, and “Recommendations on Antipiracy Legislation”. They are the last items to be presented under the DVB Conditional Access Package adopted by the DVB in September 1994. The Recommendations on Anti Piracy Legislation will be submitted to the European Commission and to the Council of Europe. The Steering Board of the DVB declared that adequate legislation against piracy is a necessary complement to technical security measures. It also recommended that a European Directive on audiovisual piracy and the legal protection of encrypted television signals, addressing the novel factors presented by digital video broadcasting, should be considered by the Council and the Commission. The Common Interface was developed to allow for the physical separation between receiver functions on one hand, and the conditional access and descrambling functions on the other. In approving the specification for the Common Interface, the DVB Steering Board restated its position that the inclusion of a common interface in receivers should remain optional. The Steering Board’s approval means that this specification for a Common Interface will become a publicly available document and will transmitted to other interested groups around the world. In the future, the Common Interface could be expanded to accommodate extensions to the receiver such as advanced electronic programme guides, tuners for television delivery over telephone wire or for terrestrial digital television reception.
    [Show full text]
  • Opencable and Smart Cards in Digital TV Erik Gazzoni
    OpenCable and Smart Cards in Digital TV Erik Gazzoni Director of Marketing US Digital TV & Broadband Smart Card Alliance Jacksonville, Florida October 15th 2003 All Company and/or product names are trademarks and/or registered trademarks of their respective owners AGENDA 1. OpenCable Overview 2. US DTV market Overview 3. Benefits for OpenCable players 4. Conclusion SmartCard Alliance - October 2003 Page 2 1- OpenCable: History ♦ When? started in 1997 ♦ What? helping the Cable industry deploy Interactive Services over cable ♦ How? defining set of Industry Standards ♦ Goals? – Define the next-generation digital consumer device – Encourage supplier competition – Create a retail hardware platform SmartCard Alliance - October 2003 Page 3 1- Cable Plant Architecture ConditionalConditional Access Access TV System PODPOD TV InternetInternet System ContentContent STBSTB DTVDTV HeadendHeadend Video Video ProcessingProcessing ContentContent CenterCenter OtherOther ContentContent HeadendHeadend Mgmt. Retail POD Mgmt. Retail POD CenterCenter IntegratedIntegrated DTVDTV Terminal Terminal SmartCard Alliance - October 2003 Page 4 1- SCTE 28 CableCARD-Host Interface Protected by CableCARD Cable System CA Protected by Conditional Descramble POD-CP & Process Access System System HOST 1394 + 5C QPSK Tuner & Demod MPEG-2 Demux QPSK Mod & Decode & Xmtr CPU QAM Tuner User I/F & Demod OS, Memory SmartCard Alliance - October 2003 Page 5 1- SCTE 28 Overview ♦ Enables Separation of Security from Navigation (STB) to Meet Retail Navigation Order (FCC mandate) ♦ Supports Legacy Conditional Access Systems ♦ Provides Renewable, Replaceable Encryption ♦ Unifies OOB Signaling Systems ♦ Built upon NRSS-B (EIA-679B, part-B) – Adds extensions, constraints and changes ♦ Defines CableCARD physical interface based on PC-Card (PCMCIA) – Defines initialization, signal timing, link interface, application interface, MMI, etc.
    [Show full text]
  • Digital Video Broadcasting Conditional Access Architecture
    Digital Video Broadcasting Conditional Access Architecture Introduction Digital Video Broadcasting (DVB) is a standard defining a one-to-many unidirectional data network for sending digital TV programs over satellite, cable, and other topologies. The standard enables the broadcasting industry to offer hundreds of pay-TV channels to consumers. The expanded capacities make the broadcast signals more valuable and attractive to signal thefts [1]. To protect a DVB data-network, the DVB standard integrates into its broadcasting infrastructure an access control mechanism, commonly known as Conditional Access, or CA for short [3]. This report is an overview of the DVB-CA architecture. The approach is to provide a full picture of a typical DVB-CA deployment in operation. First, each of the major components is individually described. Then, an operational walk-through is given to show how the different components work together. Throughout the report, the architecture’s enabling technologies are mentioned. However, the technical details are not elaborated but instead deferred to references. Functional Partitions The DVB-CA architecture manages end-users’ access to protected contents with three elements: data scrambling, a subscriber authorization system (SAS), and a subscriber management system (SMS) [5]. Together, they form three layers around the protected contents: Subscriber Management Subscriber Authorization Data-Scrambling Mpeg2 Digital TV Data scrambling encrypts the digital-TV contents at the center. The subscriber authorization system controls the data-scrambling element by handling the secured distribution of descrambling keys to authorized subscribers. Knowing which subscribers entitle to what contents, the subscriber management system delivers access permissions to the SAS for enforcement.
    [Show full text]
  • A Comparison Between Satellite DVB Conditional Access and Secure IP Multicast
    A Comparison between satellite DVB conditional access and secure IP multicast H. Cruickshank1,M.P.Howarth1, S.Iyengar1,Z.Sun1 programme) called SATLIFE [5] that examine the new services Abstract— Security of satellite data is becoming an important and applications over an On Board Processing (OBP) satellite issue. The DVB (TV broadcasting) Conditional Access system system called Amazonas. It is based on the AMERHIS OBP used in satellite broadcasting has however been surrounded by payload developed by the European Space Agency (ESA) and controversy for many years due to the spread of counterfeit operated by Hispasat [6]. Amazonas system integrates and smart cards, and this paper examines the weaknesses of current DVB-S security. We provide an alternative solution to secure combines both DVB-S (broadcast) and DVB-RCS (satellite multicast services over satellites using IPSEC and a group key return links) into one regenerative multi-spot satellite system. management system called GSAKMP. In this paper, we examine the current DVB-S one-way conditional access system and review its weaknesses; we then Index Terms— Security, Conditional Access, multicast, DVB- focus on network level security and providing group security S, DVB-RCS. using IPSEC and the related group management architecture in the IETF group called MSEC (Multicast Security) [7]. We present a scalable secure IP mulicast system that can used to I. INTRODUCTION secure satellite broadcast and interactive services. There probably exists no other application of satellite technology that is as well known as satellite broadcasting [1], [2]. The Digital Video Broadcasting (DVB) system has been II. THE CURRENT DVB-S BROADCASTING (ONE-WAY) ACCESS designed with a modular structure, based on independent sub- CONTROL SYSTEM systems, so that a variety of DVB systems (such as DVB-S: Conditional Access (CA) is a service that allows satellite, DVB-T: terrestrial, DVB-C: cable) could maintain a broadcasters to restrict certain programming products to certain high level of interoperability.
    [Show full text]
  • 6): Scrambling (Conditional Access System
    Technologies and Services on Digital Broadcasting (6) Scrambling (Conditional Access System) "Technologies and Services of Digital Broadcasting" (in Japanese, ISBN4-339-01162-2) is published by CORONA publishing co., Ltd. Copying, reprinting, translation, or retransmission of this document is prohibited without the permission of the authors and the publishers, CORONA publishing co., Ltd. and NHK. 1. Digital broadcasting and conditional Satellite broadcasting, in particular, features a very access systems broad broadcast target, for which unauthorized reception can have far reaching effects. It is for this reason that The essential role of broadcasting is to convey highly secure systems are employed for both the information on a broad scale; therefore, "scrambling", scrambling subsystem and access control subsystem. which has the aim of restricting reception, is at odds with The general requirements that scrambling systems must this role. In recent years, however, the implementation of satisfy are as follows: fee-based broadcasting has made it necessary to prevent (1) it must be difficult for a third party to perform non-subscribers from receiving broadcasts, so scrambling unauthorized reception (security); of broadcast signals has nonetheless become widespread. (2) scrambled signal content must not be understandable This has been achieved through the "conditional access (concealment); system", which is now a normal prescription for any new (3) quality must not deteriorate (perceptibly) on restoring broadcast system. Although scrambling began with cable the signal (quality restoration); and television (CATV) and limited-range terrestrial broadcasts, (4) receiver and operating costs must be low. the advent of worldwide satellite-based broadcasts has In digital broadcasting, moreover, fueled the development and implementation of large-scale (5) efficient scrambling of all kinds of signals (as in conditional access systems.
    [Show full text]