190 likes | 443 Views
Audio/Video compression Security. Alain Bouffioux December, 20, 2006. Agenda. What is cryptography Symmetric & public-key cryptography Why cryptography for DVB ? Conditional access information in MPEG/DVB Conditional access mechanism Conditional access interfaces.
E N D
Audio/Video compressionSecurity Alain Bouffioux December, 20, 2006
Agenda • What is cryptography • Symmetric & public-key cryptography • Why cryptography for DVB ? • Conditional access information in MPEG/DVB • Conditional access mechanism • Conditional access interfaces AV Compression / Alain Bouffioux
What is cryptography (1/2) • Why cryptography ? • CONFIDENTIALITY - The message is not listened • INTEGRITY - The message is not modified • AUTHENTICITY - The message has been sent by Alice • NON-REPUDIATION - Alice cannot falsely deny she has sent the message AV Compression / Alain Bouffioux
What is cryptography (2/2) • Basic terminology AV Compression / Alain Bouffioux
Symmetric & public-key cryptography(1) Symmetric cryptography Public-key cryptography Key1 = Key2 Key 1 Key 2 • Public-key cryptographyOne Public-key (known by everybody) : PKOne Private-key or Secret-key (kept secret) : SK • C = EKey1(M) M = DKey2(C) = DKey2(EKey1(M)) In public-key cryptography, key1 may be PK or SK and key2 is the other key. AV Compression / Alain Bouffioux
Example of symmetric cryptography Key stream as long as message Key stream = pseudo-random sequence (easy to break) Low security should be compensated by frequent change of keys necessity of secure channel 2 channels : one for the message & one for the key Symmetric & public-key cryptography(2) AV Compression / Alain Bouffioux
Symmetric & public-key cryptography(3) • Example of public-key cryptography AV Compression / Alain Bouffioux
Symmetric & public-key cryptography(4) • Symmetric cryptography example : DES • Public-key cryptography example : RSA (1977) • Symmetric versus public-key cryptography • Symmetric cryptography is faster (about 1000 times). • Low security of symmetric cryptography (due to the necessity of key transport) is improved by a frequent change of the key. • In Public-key cryptography the secret-key may be kept secret. It is never transported High security. • Different usage : In DVB, symmetric key algorithm for encrypting data, public-key algorithm for key management (secure channel). • Hybrid cryptosystemExample : DES for message and RSA for key encryption AV Compression / Alain Bouffioux
Cryptography and DVB (1/2) • Cryptography may prevent unauthorised receiver from decoding the program. • DVB compared with banking or military secret • high information rate • low information value • decryption must be cheap • Cost of cracking the system should be higher than the benefits gained from the cracking • Cryptography in DVB is a trade-off between cost/complexity versus piracy-proof. • CA (Conditional Access) = very sensitive subject. Some service providers want their own CA system. AV Compression / Alain Bouffioux
Cryptography and DVB (2/2) • MPEG does not specify a conditional access (CA) system but defines a frame to support CA. • DVB characterises some aspect left undefined by MPEG,It defines a CA interface. • The broadcaster develops its CA system using a CA interface. • DVB is based on • symmetric cryptography for audio-visual transmission • frequent key change to increase security • Public-key cryptography for key-exchange • DVB relies on • stream of ECM’s (Entitlement Control Message) • stream of EMM’s (Entitlement Management Message) AV Compression / Alain Bouffioux
CA information in MPEG TS (1/2) AV Compression / Alain Bouffioux
CA information in MPEG TS (2/2) AV Compression / Alain Bouffioux
Encrypted AV data Clear AV Data Decryption CW’s Access control parameters SK EntitlementSK PDK1 PDK2 PDK The CA mechanism : illustration SMARTCARD Decryption ECM’s(Program related) Decryption EMM’s(CA system related) IK AV Compression / Alain Bouffioux
The CA mechanism (1/2) • AV streams are scrambled with Control Words (CW) using symmetric cryptography • CW are encrypted using Service Keys (SK), are placed in ECM’s and are securely transmitted to the receiver AV Compression / Alain Bouffioux
The CA mechanism (2/2) • SK are encrypted using public-key cryptography -Keys are IK (unique key internal to the smartcard) or PDK (transmitted via EMM’s in order to define user’s group) • ECM’s carries (informations related to a single program PID of ECM’s in PMT) • enciphered CW • access parameters • ECM’s are decoded to CW if the receiver contains the required entitlements • EMM’s carries (information related to a conditional access system PID of EMM’s in CAT) • New entitlements, SK’s (Service Keys) • Programmer distribution key AV Compression / Alain Bouffioux
About DVB scrambling • Encryption occurs after compression (at the location in the stream where the redundancy is at its lowest value) in order to have a robust encryption system. • Encryption may occur at PES level or at TS level. • DVB scrambling is transparent (a valid TS remains valid after scrambling) facilitates transport and manipulation. • Synchronisation based on PCR’s constant time required for scrambling/descrambling. • Security device should authenticate EMM’s origin. • CA is only one aspects of cryptography usage in DVB. An other may be copy protection by (watermarking) and authentication (by signature). AV Compression / Alain Bouffioux