Home >> July 2009 Edition >> THE FORRESTER FOCUS
"Smart Card" Encryption Under Pressure

by Chris Forrester

Piracy is never far from the pay-TV industry’s thoughts. Two recent documents throw some light into the murky world of Conditional Access. First, a White Paper from Barry Flynn and his colleagues at Farncombe Technology* looks closely at the challenges facing traditional Conditional Access systems, and especially those commonly used in satellite DTH. The report states that the traditional one-to-many delivery processes for programming are rapidly changing, and with these changes new CA methods might be needed.

Farncombe says: ‘Pure’ broadcast networks are becoming a thing of the past as they are increasingly hybridized with broadband ones:
  • An increasing number of pay-TV businesses are operated by Internet players over IP networks
  • The diversity of video consumption modes and their associated devices is growing exponentially, eroding the dominance of traditional linear TV consumption
  • Piracy is increasingly performed by simply distributing content or by sharing scrambling keys (so-called ‘control words’) over the Internet

“All of these developments are leading to video services becoming increasingly available in ‘connected’ environments. This raises the question of whether the traditional method of protecting pay-TV content from piracy and securing its distribution — i.e., through a smartcard-based system originally designed to secure content broadcast on one-way networks – remains appropriate,” says Farncombe.

Traditional DVB-based schemes potentially contain a weakness, the report suggests: “The scrambling algorithm used to make the content unreadable is standardized, as well as the reciprocal descrambling one. In other words, the descrambling function is the same in all DVB STBs, and is not diversified at all (either on a per-smartcard or on a per-STB basis).

This means that there always exists a physical location in the STB where these clear and non-diversified control words can be intercepted (this is at the point where they are communicated to the standard descrambler). They can thus be re-used, as is by any other standard implementation of the DVB descrambling algorithm, and so give access to the scrambled content.”

“This risk was not that significant before the days of widespread broadband penetration, but today many CA systems are being compromised by this type of attack using so-called control-word sharing. This is where a ‘hacked’ STB is used to feed a stream of in-the-clear control words across the Internet to a large population of pirate devices — which only need to contain a DVB-standard descrambling system to be able illegally to access premium content. Tracing the ‘hacked’ master device in such a situation is extremely difficult.”

“Clearly,” says the White Paper, “in this type of CA process, the vulnerability lies within the set-top box. This means that when a pay-TV operator buys a CA system, the level of security afforded by the STB hardware in protecting the interface between the smartcard and the descrambler is as important as the resistance of the smartcard itself and of the
cryptological mechanisms it uses.

“It is, therefore, absolutely critical to the overall security of any CA system operating in a DVB environment that the communication channel between the smartcard and the silicon of the DVB descrambler be made opaque: this minimizes the opportunity for the interception of in-the-clear control words. This level of security must be ensured on 100% of the devices that can potentially host the CA system, since only one device needs to be hacked for control words to be disseminated around the globe across the Internet.”

The merits (and challenges) of card-based systems are well understood, but Farncombe’s White Paper also examines the pros and cons of a cardless approach. “On the face of it, cardless solutions should have one advantage, at least, over smartcard-based ones, in that there are probably more ways to hide large secrets in the software and hardware system of an STB than in a simple smartcard. There is also no smartcard interface to be rendered secure, since the ‘smartcard’ is — conceptually speaking — embedded inside the STB software itself.”
“Balanced against this advantage is the problem of relying on off-the-shelf devices to hide these essential secrets. Further, in the DVB control-word context mentioned above, cardless solutions still need to protect themselves against control-word sharing attacks, for the same reasons as smartcard-based systems do, as — in principle — control words are still used. Once discovered within the STB they may be used in any other STB that includes the common scrambling algorithm.”

“Consequently,” says Farncombe, “providers of cardless solutions also need to require a very high level of tamper-resistance from STB manufacturers, across 100% of the hosting devices (not just most of them: as mentioned earlier, only one device needs to be hacked for control words to be disseminated around the globe across the Internet).”

“In one-way environments, cardless solutions also have significant additional weaknesses when compared to smartcard-based systems:

  • In these systems, all the security is hosted within the STB, which is generally a commercially available piece of hardware. This makes reverse engineering significantly easier than with (good) smartcards
  • The STB’s tamper-resistance is particularly critical in a cardless environment: unlike smartcard-based systems, compromising the STB hardware not only exposes the system to control-word sharing attacks, but possibly to other types of attack, including ‘perfect cloning’ of STBs
  • ‘Perfect cloning’ represents an insurmountable challenge to cardless systems: once a device is copied, the perfect copies will follow all updates, maintain themselves, and work in a stand-alone way, with no need for a broadband connection (which is required for a control-word sharing hack to succeed). If the cloned device is detected, the clone-maker only has to provide a new identity to the ‘perfect clones’ and they will continue to work
  • While smartcards can be more easily swapped, technology improvements will tend to make the cardless solution’s hardware security features embedded in the STBs obsolete over time, increasing the chances of a ‘perfect clone’ being built

“Consequently, cardless systems are arguably unable seriously to compete with the level of security offered by a (good) smartcard-based system in a one-way broadcast network,” says Farncombe. “This is especially true of cardless systems that can be embedded in devices which are not strictly required to observe comprehensive and drastic hardware security requirements.

* The complete White Paper can be downloaded from: www.farncombe.eu/info@farncombe.eu

Portable devices mean high piracy risks
‘Cloakware,’ part of the Irdeto Group (and Naspers), has also released a White Paper* that details how advanced features of the next generation of set-top boxes have created new content security challenges.

“Such new content portability developments as Home Networking in which content is pushed beyond the TV to a wide range of connected digital devices has significantly increased the complexity of security requirements. According to the White Paper, ‘Security Impacts of Next-Generation Set-Top Boxes,’ set-top boxes (STB) and their associated conditional access (CA) systems and digital rights management (DRM) technologies are under increased threat from device tampering, software security breaches and hacker attacks that can significantly impact the reputation and bottom line for both STB manufacturers and service providers.”

Consumer demand for media-rich home entertainment services has driven innovation and new revenue opportunities in the STB industry. Next-generation STBs will integrate video content from multiple signal sources such as broadcast television, premium video-on-demand and Internet-based ser­vices as well as provide value-added capabilities like time-shifting. They will also allow content to be distributed to a variety of viewing devices including multi-room TV networks, personal computers, por­table media players and other mobile devices which are more susceptible to piracy than set-top boxes, says the Cloakware White Paper.

“At the same time, content owners, including movie and television studios, de­mand protection against the piracy of their intellectual prop­erty and require that content licensees (such as cable or satellite operators) take steps to prevent security breaches and to mitigate against damage should a breach occur as part of their distribution agreements.”

“Set-top box manufacturers have rigorous compliance and robustness rules that they need to address to satisfy their customers,” said Greg McKesey, V.P./Consumer Products for Cloakware. “Cloakware provides them with cost effective, drop in, easy to integrate content protection components that meet or exceed studio and operator content security requirements, allowing these set-top box manufacturers to meet those stringent regulations and get their products to market faster.”

The download is available from: