Renewable security

Renewable Security was a concept that evolved after the repeated hacks of analogue TV encryption systems in the late 1980s. Simply stated, rather than completely replacing a hacked TV encryption system, only part of it would have to be replaced to make it secure again.

The decoders at that time often contained all of the conditional access control data in a microcontroller. This data consisted generally of the decoder's identity, the subscriber's identity number and subscription data. When the decoder was hacked, the whole system was effectively compromised as other subscriber identity data could be substituted and the hackers had control. This security model also more commonly known as the Embedded Secure Processor model as the secure processor, the microcontroller, was embedded in the decoder itself.

The systems manufacturers countered with the Detachable Secure Processor model. In this security model, the decoder itself would not be the critical part of the system. The subscriber identity data and subscription details would be stored in a smartcard - the Detachable Secure Processor. Any compromise of the smartcard could then be countered by issuing a new, more secure, smartcard to subscribers.

Renewable Security is good in theory. It provides hackers with a moving target rather than a stationary one. In the VideoCrypt system, the initial expectation was that the smartcards would be replaced every six months thus making the emergence of a pirate smartcard less likely. In reality, changing or upgrading the smartcards on a widely used TV Encryption system can be expensive and is done as infrequently as possible.

References