
UNDERSTANDING CONDITIONAL ACCESS SYSTEMS

#1
This Article Provides A Simple Overview Of The Key Components & Operation Of A Conditional Access System.


What is a Conditional Access System? It is any system that is used to limit the access of TV signals to only those who are authorised to view the specific TV channel. (Actually, CA is not designed solely for Digital TV. It can be used for digital radio broadcasts, digital data broadcasts, and non-broadcast information and interactive services.)

The CAS system must simultaneously perform the following 2 functions:

Enable subscribed customers to view the content.
Prevent unauthorized viewers from viewing the same content.

MPEG & DATA STREAMS

To understand how CA is used, we first need to look at the data it encrypts. Each individual program that a broadcaster provides is composed of many elements, such as video, audio and text.

In digital television, these elements are converted into digital form using an MPEG-2 (or MPEG-4) encoder.

The MPEG-2 data stream of each TV channel is broken up into many packets.

PES

The sum total of these packets for each program (TV Channel) is called the Program Elementary Stream (PES).

TRANSPORT STREAM (TS)

The PES for multiple TV channels are multiplexed (combined) together into a Transport Stream. The Transport Stream is organised into 188-byte packets for transmission. At this point, it is called the Digital Video Broadcast (DVB) MPEG-2 transport stream (TS).

The CAS can scramble the programming data either at the PES level or the TS level.

KEYS

The Conditional Access system works by using a set of codes or keys. These keys are protected and hidden by various data encryption methods.

The keys scramble the signal, making it accessible only to authorized set-top boxes.

CAS IN DVB

In India, we follow the European DVB (Digital Video Broadcasting) standard. DVB standards have been specified separately for:

DVB-CA (Conditional Access),
DVB-CSA (the Common Scrambling Algorithm) and
DVB-CI (the Common Interface).

These standards define the method by which a digital TV stream can be made un-viewable to all except those STBs with valid decryption smart cards.

SCRAMBLING & ENCRYPTION

Making the TV signal un-viewable selectively is achieved by a combination of scrambling and encryption.

SCRAMBLING KEY

The data stream is scrambled with an 8-byte secret key, called the control word.

Knowing the value of the control word at a given moment is of relatively little value, as under normal conditions, content providers will change the control word several times per minute.

The Control Word (CW) is generated automatically in such a way that successive values are not usually predictable; the DVB specification recommends using a physical process for that.

In order for the receiver to unscramble the data stream, it must be permanently informed about the current value of the control word. In practice, it must be informed slightly in advance, so that no viewing interruption occurs.

ENCRYPTION

Encryption is used to protect the control word during transmission to the receiver.

ECM

The control word is encrypted as an Entitlement Control Message (ECM).

The Conditional Access (CA) subsystem in the receiver will decrypt the control word only when it is authorised to do so.

EMM

The authorisation to decrypt is sent to the receiver in the form of an Entitlement Management Message (EMM).

The EMMs are specific to each subscriber, as identified by the smart card in his receiver.

New EMMs are issued much less frequently than ECMs; typically at intervals ranging from about every 10 minutes up to once every 6 weeks.

The NDS encryption used on BSkyB's DTH system generates a new EMM every 6 weeks.

On the other hand, when NagraVision 2 was hacked, Digital+ generated a new EMM every 3 days to make hacking more difficult.

The contents of ECMs and EMMs are not standardized and each Conditional Access System uses different ECMs and EMMs. In fact, the security of a given CA system depends primarily on the efficiency of the algorithm used for ECM, EMM encryption. Such algorithms are closely guarded secrets. The CA module in the STB contains the relevant ECM, EMM decryption algorithm.

The Security Of Any CA System Depends On The Algorithm Used For ECM, EMM Encryption

SIMULCRYPT

The control word can be transmitted through different ECMs at the same time. This effectively creates and allows the use of several Conditional Access Systems at the same time. This is called SimulCrypt.

SimulCrypt uses multiple set-top boxes, each using a different CA system.

SimulCrypt saves bandwidth and encourages multiplex operators to cooperate. DVB SimulCrypt is widespread in Europe; some channels, like the CNN International Europe from the Hot Bird satellites, can use 7 different CA systems in parallel.

The decryption cards are read, and sometimes updated with specific access rights, either through a Conditional Access Module (CAM), a PC Card-format card reader meeting DVB-CI standards, or through a built-in ISO/IEC 7816 card reader, such as that in the Sky Digibox.

MULTICRYPT

MultiCrypt allows multiple CA systems to be used with one set-top box by using a PC card with an embedded smart card for each CA system used. Each card is then plugged into a slot in the set-top box. Each card recognizes the ECM and EMM needed for authorization.

COMPONENTS OF A CAS

To summarise all the above, a typical Conditional Access system involves 3 basic blocks, viz: The broadcast equipment, the Set-Top Box, and the security module.

The broadcast equipment generates the encrypted programs that are transmitted to the subscriber.

The STB receives these signals and contacts the security module, located inside the STB, asking which of all the received channels can be decrypted. The security module dictates which channels can be decrypted and viewed by that particular STB / subscriber. The STB then decrypts / un-scrambles these permitted channels.

A CA system consists of the following main operational blocks:

SUBSCRIBER MANAGEMENT SYSTEM (SMS)

The SMS is a subsystem of the CA system that stores and manages details of each subscriber, and the TV channels that he has subscribed to. Based on the channels that the subscriber has paid for, the SMS asks for Entitlement Management Messages (EMM) from the Subscriber Authorization System (SAS).

An EMM provides general information about the subscriber and the status of the subscription. The EMM is sent with the ECM.

The ECM contains the key for decrypting the transmitted programs.

SUBSCRIBER AUTHORIZATION SYSTEM (SAS)

The SAS is a subsystem of the CA system that translates the information about the subscriber into an EMM, when the Subscriber Management System requests it.

The SAS also ensures that the subscriber's security module receives the authorization needed to view the programs. Further, the SAS acts as a backup system in case of failure.

SECURITY MODULE

The security module, usually in the form of a smart card, extracts the EMM and ECM necessary for decrypting the transmitted programs. The security module is either embedded within the set-top box or in a PC Card that plugs into the set-top box.

SET-TOP BOX

The set-top box houses the security module that gives authorization for decrypting the transmitted programs. The set-top box also converts the digital signal to an analogue signal so an older television can display the programs.

Figure 2 is a block diagram of a typical set-top box.

MIDDLEWARE

No STB is complete without 'Middleware.' By definition, middleware is a software / program that is located in the middle of 2 other programs or systems, and provides a means for smooth exchange of data.

For the STB consumer, the middleware provides the on screen look and feel of the STB. For example, the look and feel for a DishTV or TataSky STB is provided by their respective middleware. Middleware can also provide an interface in another language. Two STBs may have identical hardware but their users may see completely different user interface screens, due to their middleware. Also when an MSO decides to offer added services such as Pay per view, only the middleware needs to be updated.

POPULAR CAS VENDORS

Over the past 2 decades, only a few companies have provided CAS systems, creating a limited monopoly. These companies often charge heavily for their CA systems. Often customers will seek guarantees that the system will not be hacked, and financial re-imbursement of refurbishing the STBs with a new version of the CA, should an earlier one be hacked.

Popular International vendors for CAS include NDS, LATENS, Conax, Viaccess, Irdeto, Nagravision, PowerVu (From Cisco - Scientific Atlanta) etc.

Recently, Suma Vision of China has also started promoting their CAS, offering it at a very attractive price, for Indian headends.

The Indian standards remain quite open to adoption of any SMS, and the conditions necessary for the BIS approval of a Conditional Access System are clearly defined. (See Box)

Selection of the CA system is a major decision, and contributes a substantial part of the cost of a digital headend, as well as the incremental cost per STB that is embedded with the CA system.

HACKING

Due to the large value of protected content, individuals (hackers) have worked towards decrypting the TV signals, with their own unauthorised hardware. Many tools to aid or even completely by-pass specific encryption systems have been developed over the years.

These devices include Conditional Access modules for un-authorised viewing of a single or even multiple Conditional Access Systems. Typically these CAMs are developed by understanding the working of a system, and then 'reverse engineering' it. Many CAS systems embed their encryption system entirely inside a single silicon chip or IC, so that the ECM, EMM and other confidential data never leaves the chip, where it can be externally intercepted and duplicated. Despite all these measures, almost 80% of all Conditional Access Systems have been compromised (hacked), and new versions have had to be developed and deployed.

link : http://www.scatmag.com/apr11/technical_art.htm
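
Added example (not part of the original post or the linked article): a small Python parser for the 188-byte transport stream packets described above, reading the header's scrambling bits to report which PIDs are scrambled and flag a service that is going out in the clear. The sample stream, the PID numbers other than the PAT's, and the function names are constructed for illustration.

```python
TS_PACKET_SIZE = 188   # bytes per transport stream packet, as stated in the post
SYNC_BYTE = 0x47       # first byte of every TS packet
# transport_scrambling_control: top two bits of header byte 3, as used by DVB.
# The even/odd flag lets a receiver hold the next control word ready in advance.
TSC = {0b00: "clear", 0b01: "reserved",
       0b10: "scrambled-even-key", 0b11: "scrambled-odd-key"}

def parse_header(packet):
    """Decode the 4-byte header of one TS packet."""
    if len(packet) != TS_PACKET_SIZE:
        raise ValueError("TS packet must be exactly 188 bytes")
    if packet[0] != SYNC_BYTE:
        raise ValueError("sync byte 0x47 missing: stream is misaligned")
    return {
        "pid": ((packet[1] & 0x1F) << 8) | packet[2],   # 13-bit packet identifier
        "payload_unit_start": bool(packet[1] & 0x40),
        "scrambling": TSC[packet[3] >> 6],
        "continuity": packet[3] & 0x0F,
    }

def scrambling_report(stream):
    """Count scrambling states per PID; a trailing partial packet is ignored."""
    report = {}
    for off in range(0, len(stream) - TS_PACKET_SIZE + 1, TS_PACKET_SIZE):
        hdr = parse_header(stream[off:off + TS_PACKET_SIZE])
        per_pid = report.setdefault(hdr["pid"], {})
        per_pid[hdr["scrambling"]] = per_pid.get(hdr["scrambling"], 0) + 1
    return report

def unprotected_pids(report, expected_scrambled):
    """PIDs that should be scrambled but carried at least one clear packet."""
    return sorted(pid for pid in expected_scrambled
                  if report.get(pid, {}).get("clear", 0) > 0)

def make_packet(pid, tsc, cc):
    """Build a constructed test packet: header plus an all-zero payload."""
    header = bytes([SYNC_BYTE, (pid >> 8) & 0x1F, pid & 0xFF,
                    (tsc << 6) | 0x10 | (cc & 0x0F)])   # 0x10 = payload only
    return header + bytes(TS_PACKET_SIZE - 4)

# Constructed sample: PAT on PID 0, a video PID whose key parity flips when
# the control word changes, and an audio PID left unscrambled by mistake.
SAMPLE_STREAM = b"".join([
    make_packet(0x000, 0b00, 0),
    make_packet(0x101, 0b10, 0),
    make_packet(0x101, 0b11, 1),
    make_packet(0x102, 0b00, 0),
])

if __name__ == "__main__":
    rep = scrambling_report(SAMPLE_STREAM)
    print(rep, unprotected_pids(rep, {0x101, 0x102}))
```
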
 

Vikram

Staff member
Administrator
#2
Despite all these measures, almost 80% of all Conditional Access System have been compromised (hacked), and new versions have had to be developed and deployed.
Are there any hacking tricks in India?
 

naseeb786

Registered
#3
Aiwei Conditional Access System CAS SOFTWARE best & easy

http://img816.imageshack.us/img816/1808/aiweiconditionalaccesss.jpg
 

Napster

Registered
#4
naseeb786 said:
Aiwei Conditional Access System CAS SOFTWARE best & easy

http://img816.imageshack.us/img816/1808/aiweiconditionalaccesss.jpg
:thinking:
 

naseeb786

Registered
#5
kltiwari said:
naseeb786 said:
Aiwei Conditional Access System CAS SOFTWARE best & easy

http://img816.imageshack.us/img816/1808/aiweiconditionalaccesss.jpg
:thinking:
You must register first to view this image.
Registration is free on http://imageshack.us/

You first have to register to view these images.
Registration is free on http://imageshack.us/
 
#6
Don't use imageshack for uploading images. I can't view this.
Is this the one you want to upload?
 
#10
:Shoot::Shoot::Shoot::Shoot::Shoot::Shoot::aggressive::aggressive::aggressive::aggressive:[hr]
:wallnalsirmarna::wallnalsirmarna::wallnalsirmarna::wallnalsirmarna::wallnalsirmarna::wallnalsirmarna: