Conditional access

From Wikipedia, the free encyclopedia

Conditional access (acronymized CA) is the protection of content by requiring certain criteria to be met before granting access to this content. The term is commonly used in relation to digital television systems, most notably satellite television.

Under the DVB, conditional access system standards are defined in the specification documents for DVB-CA (Conditional Access), DVB-CSA (the Common Scrambling Algorithm) and DVB-CI (the Common Interface). These standards define a method by which a digital television stream can be obfuscated, with access provided only to those with valid decryption smart cards.

This is achieved by a combination of scrambling and encryption. Encryption is the process of protecting the secret keys that are transmitted with a scrambled stream in order to enable the descrambler to work at the receiving end. The scrambler key, called the control word, must, of course, be sent to the receiver, and is encrypted as an entitlement control message (ECM). The CA subsystem in the receiver will decrypt the control word only when authorised to do so; that authority is sent to the receiver in the form of an entitlement management message (EMM). The control word is typically changed at intervals of 10 seconds. The ECM is changed at perhaps monthly intervals to discourage unauthorised viewing; this being apparently not sufficient, TPS has lowered this interval down to about 12 minutes.

The decryption cards are read, and sometimes updated with specific access rights, through a Conditional Access Module (CAM), a PCMCIA format card reader, or a built-in card reader meeting DVB-CI standards, such as that in the Sky Digibox.

In the United States cable systems, the standard for conditional access is provided with Cablecards whose specification was developed by the cable company consortium Cablelabs. Cable companies in the US are required by the Federal Communications Commission to support CableCards, but standards exist only for one way communication and do not apply to satellite television. Next generation approaches in the United States eschew such physical cards and employ schemes using downloadable software for conditional access such as DCAS. The main appeal of such approaches is that the access control may be upgraded dynamically in response to security breaches without requiring expensive exchanges of physical conditional access modules. Another appeal is that it may be inexpensively be incorporated in non traditional media display devices such as Portable media players.

Several companies provide competing CA systems; VideoGuard, Irdeto Access, Nagravision, Conax, Viaccess and Mediaguard (a.k.a. SECA) are among the most commonly used CA systems. The DVB standard allows the simultaneous encryption of a channel in more than one system: Simulcrypt allows several CA systems to work side by side (encouraging multiplex operators to cooperate), transmitting different entitlement control messages (ECM) to receivers with different CA systems.

Due to the common usage of CA in DVB systems, many tools to aid in or even directly circumvent encryption exist. CAM emulators and multiple-format CAMs exist which can either read several card formats or even directly decrypt a compromised encryption scheme. Most multiple format CAMs and all CAMs that directly decrypt a signal are based on reverse engineering of the CA systems. A large proportion of the systems currently in use for DVB encryption have been opened to full decryption at some point, including Nagravision, Conax, Viaccess and Mediaguard (v1).