Jump to content

Renewable security

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Magic links bot (talk | contribs) at 07:09, 27 June 2017 (Replace magic links with templates per local RfC and MediaWiki RfC). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Renewable Security was a concept that evolved after the repeated hacks of analogue TV encryption systems in the late 1980s. Simply stated, rather than completely replacing a hacked TV encryption system, only part of it would have to be replaced to make it secure again.

Embedded secure processor

The decoders at that time often contained all of the conditional access control data in a microcontroller. This data consisted generally of the decoder's identity, the subscriber's identity number and subscription data. When the decoder was hacked, the whole system was effectively compromised as other subscriber identity data could be substituted and the hackers had control. This security model also more commonly known as the Embedded Secure Processor model as the secure processor, the microcontroller, was embedded in the decoder itself.

Detachable secure processor

The systems manufacturers countered with the Detachable Secure Processor model. In this security model, the decoder itself would not be the critical part of the system. The subscriber identity data and subscription details would be stored in a smartcard - the Detachable Secure Processor. Any compromise of the smartcard could then be countered by issuing a new, more secure, smartcard to subscribers.

Advantages and disadvantages

Renewable Security is good in theory. It provides hackers with a moving target rather than a stationary one. In the VideoCrypt system, the initial expectation was that the smartcards would be replaced every six months thus making the emergence of a pirate smartcard less likely. In reality, changing or upgrading the smartcards on a widely used TV Encryption system can be expensive and is done as infrequently as possible.

References

  • John McCormac. European Scrambling Systems 5 – The Black Book, Waterford University Press, 1996, ISBN 1-873556-22-5.
  • National Renewable Security Standard CEA679
  • Digital Video Broadcasting (DVB);IP Datacast over DVB-H: Service Purchase and Protection Technical Standard ETSI TS 102 474
  • Method for protecting the audio/visual data across the NRSS interface