25 Mar 2011
Reaction score
This Article Provides A Simple Overview Of The Key Components & Operation Of A Conditional Access System.

What is a Conditional Access System ? It is any system that is used to limit the access of TV signals, to only those whom are authorised to view the specific TV channel. (Actually, CA is not designed solely for Digital TV. It can be used for digital radio broadcasts, digital data broadcasts, and non-broadcast information and interactive services.)

The CAS system must simultaneously perform the following 2 functions:

Enable subscribed customers to view the content.
Prevent unauthorized viewers from viewing the same content.


To understand how CA is used, we first need to look at the data it encrypts. Each individual program that a broadcaster provides is composed of many elements, such as video, audio and text.

In digital television, these elements are converted into digital form using an MPEG-2 (or MPEG-4) encoder.

The MPEG-2 data stream of each TV channel is broken up into many packets.


The sum total of these packets for each program (TV Channel) is called the Program Elementary Stream (PES).


The PES for multiple TV channels are multiplexed (combined) together, into a Transport Stream. The Transport Stream is organised into 188- byte packets for transmission. At this point, it is called the Digital Video Broadcast (DVB) MPEG-2 transport stream (TS).

The CAS can scramble the programming data either at the PES level or the TS level.


The Conditional Access system works by using a set of codes or keys. These keys are protected and hidden by various data encryption methods.

The keys scramble the signal, making it accessible only to authorized set-top boxes.


In India, we follow the European DVB (Digital Video Broadcasting) standard. DVB standards have been specified separately for:

DVB-CA (Conditional Access),
DVB-CSA (the Common Scrambling Algorithm) and
DVB-CI (the Common Interface).

These standards define the method by which a digital TV stream can be made un-viewable to all except those STBs with valid decryption smart cards.


Making the TV signal un-viewable selectively, is achieved by a combination of scrambling and encryption.


The data stream is scrambled with an 8-byte secret key, called the control word.

Knowing the value of the control word at a given moment is of relatively little value, as under normal conditions, content providers will change the control word several times per minute.

The Control Word (CW) is generated automatically in such a way that successive values are not usually predictable; the DVB specification recommends using a physical process for that.

In order for the receiver to unscramble the data stream, it must be permanently informed about the current value of the control word. In practice, it must be informed slightly in advance, so that no viewing interruption occurs.


Encryption is used to protect the control word during transmission to the receiver.


The control word is encrypted as an Entitlement Control Message (ECM).

The Conditional Access (CA) subsystem in the receiver will decrypt the control word only when it is authorised to do so.


The authorisation to decrypt is sent to the receiver in the form of an Entitlement Management Message (EMM)..

The EMMs are specific to each subscriber, as identified by the smart card in his receiver.

New EMMs are issued much less frequently than ECMs; typically at intervals ranging from about every 10 minutes to upto once every 6 weeks.

The NDS encryption used on BSkyB's DTH system generates a new EMM every 6 weeks.

On the other hand, when NagraVision 2 was hacked, Digital+ generated a new EMM every 3 days to make hacking more difficult.

The contents of ECMs and EMMs are not standardized and each Conditional Access System uses different ECMs and EMMs. Infact the security of a given CA system depends primarily on the efficiency of the algorithm used for ECM, EMM encryption. Such algorithms are closely guarded secret. The CA module in the STB contains the relevant ECM, EMM decryption algorithm.

The Security Of Any CA System Depends On The Algorithm Used For ECM, EMM Encryption


The control word can be transmitted through different ECMs at the same time. This effectively creates and allows the use of several Conditional Access Systems at the same time. This is called SimulCrypt.

SimulCrypt uses multiple set-top boxes, each using a different CA system.

SimulCrypt saves bandwidth and encourages multiplex operators to cooperate. DVB SimulCrypt is widespread in Europe; some channels, like the CNN International Europe from the Hot Bird satellites, can use 7 different CA systems in parallel.

The decryption cards are read, and sometimes updated with specific access rights, either through a Conditional Access Module (CAM), a PC cardformat card reader meeting DVB-CI standards, or through a built-in ISO/IEC 7816 card reader, such as that in the Sky Digibox.


MultiCrypt allows multiple CA systems to be used with one set-top box by using a PC card with an embedded smart card for each CA system used. Each card is then plugged into a slot in the set-top box. Each card recognizes the ECM and EMM needed for authorization.


To summarise all the above, a typical Conditional Access system involves 3 basic blocks, viz: The broadcast equipment, the Set-Top Box, and the security module.

The broadcast equipment generates the encrypted programs that are transmitted to the subscriber.

The STB receives these signals and contacts the security module, located inside the STB, asking which of all the received channels can be decrypted. The security module dictates which channels cab be decrypted and viewed by that particular STB / subscriber. The STB then decrypts / un-scrambles these permitted channels.

A CA system consists of the following main operational blocks:

The SMS is a subsystem of the CA system that stores and manages details of each subscriber, and the TV channels that he has subscribed to. Based on the channels that the subscriber has paid for, the SMS asks for Entitlement Management Messages (EMM) from the Subscriber Authorization System (SAS).
An EMM provides general information about the subscriber and the status of the subscription. The EMM is sent with the ECM.
The ECM contains the key for decrypting the transmitted programs.
The SAS is a subsystem of the CA system that translates the information about the subscriber into an EMM, when the Subscriber management System requests for it.
The SAS also ensures that the subscriber's security module receives the authorization needed to view the programs. Further, theS AS acts as a backup system in case of failure.
The security module, usually in the form of a smart card, extracts the EMM and ECM necessary for decrypting the transmitted programs. The security module is either embedded within the set-top box or in a PC Card that plugs into the set-top box.
The set-top box houses the security module that gives authorization for decrypting the transmitted programs. The set-top box also converts the digital signal to an analogue signal so an older television can display the programs.
Figure 2 is a block diagram of a typical set-top box.


No STB is complete without 'Middleware.' By definition, middleware is a software / program that is located in the middle of 2 other programs or systems, and provides a means for smooth exchange of data.

For the STB consumer, the middleware provides the on screen look and feel of the STB. For example, the look and feel for a DishTV or TataSky STB is provided by their respective middleware. Middleware can also provide an interface in another language. Two STBs may have identical hardware but their users may see completely different user interface screens, due to their middleware. Also when an MSO decides to offer added services such as Pay per view, only the middleware needs to be updated.


Over the past 2 decades, only a few companies have provided CAS system, creating a limited monopoly. These companies often charge heavily for their CA systems. Often customers will seek guarantees that the system will not be hacked, and financial re-imbursement of refurbishing the STBs with a new version of the CA, should an earlier one be hacked.

Popular International vendors for CAS include NDS, LATENS, Conax, Viaccess, Irdeto, Nagravision, PowerVu (From Cisco - Scientific Atlanta) etc.

Recently, Suma Vision of China has also started promoting their CAS, offering it at a very attractive price, for Indian headends.

The Indian standards remain quite open to adoption of any SMS, and the conditions necessary for the BIS approval of a Conditional Access System, and clearly defined. (See Box)

Selection of the CA system is a major decision, and contributes a substantial part of the cost of a digital headend, as well as the incremental cost per STB that is embedded with the CA system.


Due to the large value of protected content, individuals (hackers0 have worked towards decrypting the TV signals, with their own unauthorised hardware. Many tools to aid or even completely by-pass completely, specific encryption systems, have been developed over the years.

These devices include Conditional; Access modules for un-authorised viewing of a single or even multiple Conditional Access Systems. Typically these CAMs are developed by understanding the working of a system, and then 'reverse engineering' it. Many CAS system embed their encryption system entirely inside a single silicon chip or IC, so that the ECM, EMM and other confidential data never leaves the chip, where it can be externally intercepted and duplicated. Despite all these measures, almost 80% of all Conditional Access System have been compromised (hacked), and new versions have had to be developed and deployed.

link : http://www.scatmag.com/apr11/technical_art.htm
Despite all these measures, almost 80% of all Conditional Access System have been compromised (hacked), and new versions have had to be developed and deployed.

there r any hacking tricks in india ?
Aiwei Conditional Access System CAS SOFTWARE best & easy

naseeb786 said:
Aiwei Conditional Access System CAS SOFTWARE best & easy


kltiwari said:
naseeb786 said:
Aiwei Conditional Access System CAS SOFTWARE best & easy


u must be register firdt to view this image
registration is free on http://imageshack.us/

u first have to register to view this images
registration is free on http://imageshack.us/
Don't use imageshack for uploading image. I can't view this.
Is this the one, you want to upload ?
ya imageshark is the worst image uploading site now a days:Shoot:

Top Bottom
AdBlock Detected

We get it, advertisements are annoying!

Sure, ad-blocking software does a great job at blocking ads, but it also blocks useful features of our website. For the best site experience please disable your AdBlocker.

I've Disabled AdBlock