 |
This article does not cite any references or sources. Please help improve this article by adding citations to reliable sources. Unsourced material may be challenged and removed. (March 2008) |
Conditional Access (abbreviated CA) is the protection of content by requiring certain criteria to be met before granting access to this content. The term is commonly used in relation to digital television systems, most notably satellite television.
Contents |
Conditional access in DVB
Under the DVB, conditional access system standards are defined in the specification documents for DVB-CA (Conditional Access), DVB-CSA (the Common Scrambling Algorithm) and DVB-CI (the Common Interface). These standards define a method by which a digital television stream can be obfuscated, with access provided only to those with valid decryption smart cards. The DVB specifications for Conditional Access are available from the standards page on the DVB website.
This is achieved by a combination of scrambling and encryption. The data stream is scrambled with an 8-byte secret key, called the control word. Knowing the value of the control word at a given moment is of relatively little value, because it changes very frequently, about every 10 seconds. The control word is generated automatically and randomly, in such a way that successive values are not predictable; the DVB specification recommends using a physical process for that.
In order for the receiver to unscramble the data stream, it must be permanently informed about the current value of the control word. In practise, it must be informed slightly in advance, so that no viewing interruption occurs. Encryption is used to protect the control word during transmission to the receiver: the control word is encrypted as an entitlement control message (ECM). The CA subsystem in the receiver will decrypt the control word only when authorised to do so; that authority is sent to the receiver in the form of an entitlement management message (EMM). The EMMs are specific to each subscriber, as identified by the smart card in his receiver, or to groups of subscribers, and are issued much less frequently than ECMs, perhaps at monthly intervals. This being apparently not sufficient to prevent unauthorized viewing, TPS has lowered this interval down to about 12 minutes.
The contents of ECMs and EMMs are not standardized and as such they depend on the conditional access system being used.
The control word can be transmitted through different ECMs at once. This allows the use of several conditional access systems at the same time, a DVB feature called simulcrypt, which saves bandwidth and encourages multiplex operators to cooperate. DVB Simulcrypt is widespread in Europe; some channels, like the CNN International Europe from the Hot Bird satellites, can use 7 different CA systems in parallel.
The decryption cards are read, and sometimes updated with specific access rights, either through a Conditional Access Module (CAM), a PC card-format card reader meeting DVB-CI standards, or through a built-in ISO/IEC 7816 card reader, such as that in the Sky Digibox.
Several companies provide competing CA systems; VideoGuard, Irdeto Access, Nagravision, Conax, Viaccess, Latens, Verimatrix and Mediaguard (a.k.a. SECA) are among the most commonly used CA systems.
Due to the common usage of CA in DVB systems, many tools to aid in or even directly circumvent encryption exist. CAM emulators and multiple-format CAMs exist which can either read several card formats or even directly decrypt a compromised encryption scheme. Most multiple format CAMs and all CAMs that directly decrypt a signal are based on reverse engineering of the CA systems. A large proportion of the systems currently in use for DVB encryption have been opened to full decryption at some point, including Nagravision, Conax, Viaccess and Mediaguard (v1).
Conditional access in the USA
In the United States cable systems, the standard for conditional access is provided with CableCARDs whose specification was developed by the cable company consortium CableLabs. Cable companies in the US are required by the Federal Communications Commission to support CableCARDs, but standards exist only for one way communication and do not apply to satellite television. Next generation approaches in the United States eschew such physical cards and employ schemes using downloadable software for conditional access such as DCAS. The main appeal of such approaches is that the access control may be upgraded dynamically in response to security breaches without requiring expensive exchanges of physical conditional access modules. Another appeal is that it may be inexpensively incorporated into non-traditional media display devices such as Portable media players.
Conditional Access Systems
Conditional access systems include:
Analog Systems
Digital Systems
| CA id. | Name | Developed by | Introduced (year) | Security | Notes |
|---|---|---|---|---|---|
| 0x4800 | Accessgate | Telemann | |||
| 0x4A20 | AlphaCrypt | AlphaCrypt | |||
| ? | B-CAS | Used in Japan only | |||
| 0x1702, 0x1722, 0x1762 | BetaCrypt 1 | BetaTechnik/Beta Research (subsidiary of KirchMedia) | Compromised | Irdeto modification | |
| 0x1710 | BetaCrypt 2 | BetaTechnik/Beta Research (subsidiary of KirchMedia) | Compromised | Irdeto modification | |
| 0x2600 | BISS | European Broadcasting Union | Compromised | ||
| 0x4900 | China Crypt | CrytoWorks (China) (Irdeto) | |||
| 0x22F0 | Codicrypt | Scopus Network Technologies | Secure | ||
| 0x0B00 | Conax CAS 5 | Norwegian Telekom | |||
| 0x0B00 | Conax CAS 7 | Norwegian Telekom | Secure | Chip pairing (married card) | |
| ? | CoreCrypt | ||||
| 4347 | CryptOn | CryptOn | |||
| 0x0D00, 0x0D02, 0x0D03, 0x0D05, 0x0D07, 0x0D20 | Cryptoworks | Philips CryptoTec | Partly compromised (older smartcards) | ||
| 0x4ABF | CTI-CAS | Beijing Compunicate Technology Inc. | |||
| 0x0700 | DigiCipher 2 | Jerrold/GI/Motorola 4DTV | Secure | DVB-S2 compatible , used for retail BUD dish service and for commercial operations as source programming for cable operators | |
| 0x4A70 | DreamCrypt | Dream Multimedia | |||
| 0x4A10 | EasyCas | Easycas | |||
| 0464 | EuroDec | Eurodec | |||
| 5501 | Griffin | Nucleus Systems, Ltd. | |||
| 0x0606 | Irdeto 1 | Irdeto | 199? | Compromised | |
| 0x0602, 0x0604, 0x0606, 0x0608, 0x0622, 0x0626 | Irdeto 2 | Irdeto | 2000 | Partly compromised | |
| 0x4AA1 | KeyFly | SIDSA | Partly compromised (v. 1.0) | ||
| 0x0100 | Seca Mediaguard 1 | SECA | |||
| 0x0100 | Seca Mediaguard 2 | SECA | Partly compromised | ||
| 0x0100 | Seca Mediaguard 3 | SECA | 2008 | ||
| 0x1800, 0x1801, 0x1810, 0x1830 | Nagravision | Nagravision | 2003 | Compromised | |
| 0x1801 | Nagravision Carmageddon | Nagravision | Combination of Nagravision with BetaCrypt | ||
| 0x1702, 0x1722, 0x1762, 0x1801 | Nagravision Aladin | Nagravision | |||
| 0x1801 | Nagravision 3 - Merlin | Nagravision | 2007 | Secure | |
| 0x4AD4 | OmniCrypt | Widevine Technologies, Inc. | 2004 | Used only for adult television channels | |
| 0x0E00 | PowerVu | Scientific Atlanta | Secure | Professional system widely used by cable operators for source programming | |
| 0x0E00 | PowerVu+ | Scientific Atlanta | Secure | Professional system used by cable operators for source programming | |
| 0x1000 | RAS (Remote Authorisation System) | Tandberg Television | Professional system, not intended for consumers. | ||
| 0x4AE0 | RossCrypt | Digi Raum Electronics Co. Ltd. | Secure | ||
| 0101 | RusCrypto | ||||
| 4A60, 4A61, 4A63 | SkyCrypt/Neotioncrypt/Neotion SHL | AtSky/Neotion[1] | 2003 | ||
| ? | T-crypt | ||||
| 0x4A80 | ThalesCrypt | TPS | Viaccess modification. Was developed after TPS-Crypt was compromised.[2] | ||
| 0x0500 | TPS-Crypt | France Telecom | Compromised | Viaccess modification used with Viaccess 2.3 | |
| 0x0500 | Viaccess PC2.3, or Viaccess 1 | France Telecom | Compromised | ||
| 0x0500 | Viaccess PC2.4, or Viaccess 2 | France Telecom | 2002 | Compromised | |
| 0x0500 | Viaccess PC2.5, or Viaccess 2 | France Telecom | Secure | ||
| 0x0500 | Viaccess PC2.6, or Viaccess 3 | France Telecom | 2005 | Secure | |
| 0x0500 | Viaccess PC3.0 | France Telecom | Secure | ||
| VideoCrypt I | News Datacom | ||||
| VideoCrypt II | News Datacom | ||||
| VideoCrypt-S | News Datacom | ||||
| 0x0911, 0x0919, 0x0960, 0x0961 | NDS Videoguard 1 | NDS | Compromised | ||
| 0x0911, 0x0919, 0x0960, 0x0961 | NDS Videoguard 2 | NDS | |||
| 0x0911, 0x0919, 0x0960, 0x0961, 0x093b, 0x0963 | NDS Videoguard 3 | NDS | 2008 | ||
| 4AD0, 4AD1 | X-Crypt | XCrypt Inc. | Used only for adult television channels | ||
| 5500, 4AE0 | Z-Crypt/DRE-Crypt | Digi Raum Electronics | Secure |
See also
- Access control, the same principle applied outside of television.
- B-CAS
- CableCARD
- Card sharing
- Compression Networks
- Digicipher 2
- Digital rights management
- Downloadable Conditional Access System
- Irdeto Access
- Pirate decryption
- PowerVu
- Smart card
- Television encryption
- Viaccess
- Videocipher
- VideoGuard
References
- ^ "Skycrypt". 17.01.2008. http://sat.uz/2008/01/17/skycrypt.html. Retrieved 2008-08-28.
- ^ "TPSCrypt". 17.01.2008. http://sat.uz/2008/01/17/tpscrypt.html. Retrieved 2008-08-28.
External links
- CAS history in Spanish
- DVB.org
- CA IDs list on DVB.org
|
|||||||||||||||||||||||
This entry is from Wikipedia, the leading user-contributed encyclopedia. It may not have been reviewed by professional editors (see full disclaimer)
