Conditional access (CA) is a term commonly used in relation to
software
Software consists of computer programs that instruct the Execution (computing), execution of a computer. Software also includes design documents and specifications.
The history of software is closely tied to the development of digital comput ...
and to
digital television
Digital television (DTV) is the transmission of television signals using Digital signal, digital encoding, in contrast to the earlier analog television technology which used analog signals. At the time of its development it was considered an ...
systems. Conditional access is an evaluation to ensure the person who is seeking access to content is authorized to access the content. Access is managed by requiring certain criteria to be met before granting access to the content.
In software
Conditional access is a function that lets an organization manage people's access to the software in question, such as email, applications, and documents. It is usually offered as
SaaS
Software as a service (SaaS ) is a cloud computing service model where the provider offers use of application software to a client and manages all needed physical and software resources. SaaS is usually accessed via a web application. Unlike oth ...
(Software-as-a-Service) and deployed in organizations to keep company data safe. By setting conditions on the access to this data, the organization has more control over who accesses the data and where and in what way the information is accessed.
When setting up conditional access, access can be limited to or prevented based on the policy defined by the system administrator. For example, a policy might require that access is available from certain networks, or access is blocked when a specific
web browser
A web browser, often shortened to browser, is an application for accessing websites. When a user requests a web page from a particular website, the browser retrieves its files from a web server and then displays the page on the user's scr ...
is requesting the access.
In digital television
Under the
Digital Video Broadcasting
Digital Video Broadcasting (DVB) is a set of international open standards for digital television. DVB standards are maintained by the DVB Project, an international industry consortium, and are published by a Joint Technical Committee (JTC) o ...
(DVB) standard, conditional access system (CAS) standards are defined in the specification documents for DVB-CA (conditional access),
DVB-CSA (the common
scrambling
Scrambling is a mountaineering term for ascending steep terrain using one's hands to assist in holds and balance.''New Oxford American Dictionary''. It can be described as being between hiking and climbing, rock climbing. "A scramble" is a relat ...
algorithm) and
DVB-CI (the
Common Interface). These standards define a method by which one can obfuscate a digital-television stream, with access provided only to those with valid decryption
smart-cards. The DVB specifications for conditional access are available from th
standards page on the DVB website
This is achieved by a combination of
scrambling
Scrambling is a mountaineering term for ascending steep terrain using one's hands to assist in holds and balance.''New Oxford American Dictionary''. It can be described as being between hiking and climbing, rock climbing. "A scramble" is a relat ...
and
encryption
In Cryptography law, cryptography, encryption (more specifically, Code, encoding) is the process of transforming information in a way that, ideally, only authorized parties can decode. This process converts the original representation of the inf ...
. The data stream is scrambled with a 48-bit secret key, called the ''control word''. Knowing the value of the control word at a given moment is of relatively little value, as under normal conditions, content providers will change the control word several times per minute. The control word is generated automatically in such a way that successive values are not usually predictable; the DVB specification recommends using a physical process for that.
In order for the receiver to unscramble the data stream, it must be permanently informed about the current value of the control word. In practice, it must be informed slightly in advance, so that no viewing interruption occurs.
Encryption
In Cryptography law, cryptography, encryption (more specifically, Code, encoding) is the process of transforming information in a way that, ideally, only authorized parties can decode. This process converts the original representation of the inf ...
is used to protect the control word during transmission to the receiver: the control word is encrypted as an ''entitlement control message'' (ECM). The CA subsystem in the receiver will decrypt the control word only when authorised to do so; that authority is sent to the receiver in the form of an ''entitlement management message'' (EMM). The EMMs are specific to each
subscriber
The subscription business model is a business model in which a customer must pay a recurring price at regular intervals for access to a product or service. The model was pioneered by publishers of books and periodicals in the 17th century. It i ...
, as identified by the smart card in his receiver, or to groups of subscribers, and are issued much less frequently than ECMs, usually at monthly intervals. This being apparently not sufficient to prevent unauthorized viewing,
TPS has lowered this interval down to about 12 minutes. This can be different for every provider,
BSkyB
Sky UK Limited (formerly British Sky Broadcasting Limited (BSkyB)), trading as Sky, is a British broadcaster and telecommunications company that provides television, broadband internet, fixed line and mobile telephone services to consumers ...
uses a term of 6 weeks. When
Nagravision 2 was hacked,
Digital+ started sending a new EMM every three days to make unauthorized viewing more cumbersome.
The contents of ECMs and EMMs are not standardized and as such they depend on the conditional access system being used.
Conditional-access systems for digital broadcasting 2016-10
The control word can be transmitted through different ECMs at once. This allows the use of several conditional access systems at the same time, a DVB feature called ''simulcrypt'', which saves bandwidth and encourages multiplex operators to cooperate
DVB Simulcrypt
is widespread in Europe; some channels, like the CNN International
Cable News Network International or CNN International (CNNi, simply branded on-air as CNN) is an international television channel and website, owned by CNN Worldwide. CNN International carries news-related programming worldwide; it cooperates ...
Europe from the Hot Bird
Hot Bird (also styled Hotbird) is a group of satellites operated by Eutelsat, located at 13 °E over the equator ( orbital position) and with a transmitting footprint over Asia, Europe, North Africa, Americas and the Middle East.
Only digital r ...
satellites, can use seven different CA systems in parallel.
The decryption cards are read, and sometimes updated with specific access rights, either through a conditional-access module
A conditional access module (CAM) is an electronic device, usually incorporating a slot for a smart card, which equips an integrated digital television or set-top box with the appropriate hardware facility to view conditional access content t ...
(CAM), a PC card
PC Card is a technical standard specifying an expansion card interface for laptops and personal digital assistants, PDAs. The PCMCIA originally introduced the 16-bit Industry Standard Architecture, ISA-based PCMCIA Card in 1990, but renamed it to ...
-format card reader meeting DVB-CI standards, or through a built-in ISO/IEC 7816
ISO/IEC 7816 is an international standard related to electronic identification cards with contacts, especially smart cards, and more recently, contactless mobile devices, managed jointly by the International Organization for Standardization (ISO) ...
card reader, such as that in the Sky Digibox.
Several companies provide competing CA systems; ABV, VideoGuard
VideoGuard (sometimes referred to simply as ''NDS''), produced by NDS, is a digital encryption system for use with conditional access television broadcasting. It is used on digital satellite television systems – some of which are operated by ...
, Irdeto, Nagravision
Nagravision (or Nagra Kudelski or simply Nagra) is a company of the Kudelski Group that develops conditional access systems for digital cable and satellite television. The name is also used for their main products, the Nagravision enc ...
, Conax, Viaccess
Viaccess is a conditional access system developed by Orange S.A. There are six versions in use today, Viaccess PC2.3, Viaccess PC2.4, Viaccess PC2.5, Viaccess PC2.6, Viaccess ACS3.x/Prime Sentinel, Viaccess ACS4.1, Viaccess ACS5.0, and Viaccess A ...
, Synamedia, Mediaguard
MediaGuard is a conditional access system for digital television developed by SECA (Société Européenne de Contrôle d'Accès; renamed to Canal+ Technologies SA) (CEO François Carayol), a subsidiary of Canal+ Group, sold to Thomson (CEO Thierr ...
(a.k.a. SECA) are among the most commonly used CA systems.
Due to the common usage of CA in DVB systems, many tools to aid in or even directly circumvent encryption exist. CAM emulators and multiple-format CAMs exist which can either read several card formats or even directly decrypt a compromised encryption scheme. Most multiple format CAMs and all CAMs that directly decrypt a signal are based on reverse engineering
Reverse engineering (also known as backwards engineering or back engineering) is a process or method through which one attempts to understand through deductive reasoning how a previously made device, process, system, or piece of software accompl ...
of the CA systems. A large proportion of the systems currently in use for DVB encryption have been opened to full decryption at some point, including Nagravision, Conax, Viaccess, Mediaguard (v1) as well as the first version of VideoGuard.
Conditional access in North America
In Canada and the United States, the standard for conditional access is provided with CableCARDs whose specification was developed by the cable company consortium CableLabs
Cable Television Laboratories, Inc. (CableLabs) is a nonprofit corporation promoting innovation as a research and development lab founded in 1988 by American cable operators. System operators from around the world are eligible to be members.
T ...
.
Cable companies in the United States are required by the Federal Communications Commission
The Federal Communications Commission (FCC) is an independent agency of the United States government that regulates communications by radio, television, wire, internet, wi-fi, satellite, and cable across the United States. The FCC maintains j ...
to support CableCARDs. Standards exist for two-way communication (M-card), but satellite television
Satellite television is a service that delivers television programming to viewers by relaying it from a communications satellite orbiting the Earth directly to the viewer's location.ITU Radio Regulations, Section IV. Radio Stations and Systems ...
has separate standards. Next-generation approaches in the United States eschew such physical cards and employ schemes using downloadable software for conditional access such as DCAS.
The main appeal of such approaches is that the access control
In physical security and information security, access control (AC) is the action of deciding whether a subject should be granted or denied access to an object (for example, a place or a resource). The act of ''accessing'' may mean consuming ...
may be upgraded dynamically in response to security breaches without requiring expensive exchanges of physical conditional-access modules.
Conditional access systems
Conditional access systems include:
Analog systems
*EuroCrypt
EuroCrypt is a conditional access system for Multiplexed Analogue Components-encoded analogue satellite television
Satellite television is a service that delivers television programming to viewers by relaying it from a communications satell ...
*Nagravision
Nagravision (or Nagra Kudelski or simply Nagra) is a company of the Kudelski Group that develops conditional access systems for digital cable and satellite television. The name is also used for their main products, the Nagravision enc ...
*Videocipher
VideoCipher is a brand name of analog scrambling and de-scrambling equipment for cable and satellite television invented primarily to enforce Television receive-only (TVRO) satellite equipment to only receive TV programming on a subscription basis. ...
*VideoCrypt
VideoCrypt is a cryptographic, smartcard-based conditional access television encryption system that scrambles analogue pay-TV signals. It was introduced in 1989 by News Datacom and was used initially by Sky TV and subsequently by several other ...
Digital systems
See also
* Access control
In physical security and information security, access control (AC) is the action of deciding whether a subject should be granted or denied access to an object (for example, a place or a resource). The act of ''accessing'' may mean consuming ...
, the same principle applied outside of television.
* B-CAS
* CableCARD
* Card sharing
* Compression Networks
* Conditional-access module
A conditional access module (CAM) is an electronic device, usually incorporating a slot for a smart card, which equips an integrated digital television or set-top box with the appropriate hardware facility to view conditional access content t ...
* DigiCipher 2
DigiCipher 2, or simply DCII, is a proprietary standard format of digital signal transmission and it doubles as an encryption standard with MPEG-2/MPEG-4 signal video compression used on many communications satellite television and audio signals. ...
* Digital rights management
Digital rights management (DRM) is the management of legal access to digital content. Various tools or technological protection measures, such as access control technologies, can restrict the use of proprietary hardware and copyrighted works. DRM ...
* Pirate decryption
Pirate decryption is the decryption, or decoding, of pay TV or pay radio signals without permission from the original broadcaster. The term "pirate" is used in the sense of copyright infringement. The MPAA and other groups which lobby in favour ...
* PowerVu
* Smart card
A smart card (SC), chip card, or integrated circuit card (ICC or IC card), is a card used to control access to a resource. It is typically a plastic credit card-sized card with an Embedded system, embedded integrated circuit (IC) chip. Many smart ...
* Television encryption
Television encryption, often referred to as scrambling, is encryption used to control access to pay television services, usually cable, satellite, or Internet Protocol television (IPTV) services.
History
Pay television exists to make revenue fro ...
* Viaccess
Viaccess is a conditional access system developed by Orange S.A. There are six versions in use today, Viaccess PC2.3, Viaccess PC2.4, Viaccess PC2.5, Viaccess PC2.6, Viaccess ACS3.x/Prime Sentinel, Viaccess ACS4.1, Viaccess ACS5.0, and Viaccess A ...
* Videocipher
VideoCipher is a brand name of analog scrambling and de-scrambling equipment for cable and satellite television invented primarily to enforce Television receive-only (TVRO) satellite equipment to only receive TV programming on a subscription basis. ...
* VideoGuard
VideoGuard (sometimes referred to simply as ''NDS''), produced by NDS, is a digital encryption system for use with conditional access television broadcasting. It is used on digital satellite television systems – some of which are operated by ...
* Pairing Smartcard
References
External links
CAS history
in Spanish
CA ID list on dvbservices.com
{{broadcast encryption
Digital television
Digital rights management
Broadcast engineering