
Audio/Video compression Security

Audio/Video compression Security. Alain Bouffioux December, 20, 2006. Agenda. What is cryptography Symmetric & public-key cryptography Why cryptography for DVB ? Conditional access information in MPEG/DVB Conditional access mechanism Conditional access interfaces.


Presentation Transcript


  1. Audio/Video compression Security
     Alain Bouffioux, December 20, 2006

  2. Agenda
     • What is cryptography
     • Symmetric & public-key cryptography
     • Why cryptography for DVB?
     • Conditional access information in MPEG/DVB
     • Conditional access mechanism
     • Conditional access interfaces
     AV Compression / Alain Bouffioux

  3. What is cryptography (1/2)
     • Why cryptography?
       • CONFIDENTIALITY - The message is not overheard
       • INTEGRITY - The message is not modified
       • AUTHENTICITY - The message has been sent by Alice
       • NON-REPUDIATION - Alice cannot falsely deny that she sent the message

  4. What is cryptography (2/2)
     • Basic terminology

  5. Symmetric & public-key cryptography (1)
     • Symmetric cryptography: Key1 = Key2
     • Public-key cryptography: Key1 ≠ Key2
       • One public key (known by everybody): PK
       • One private key or secret key (kept secret): SK
     • $C = E_{Key1}(M) \Rightarrow M = D_{Key2}(C) = D_{Key2}(E_{Key1}(M))$
     • In public-key cryptography, Key1 may be PK or SK, and Key2 is the other key.

  6. Symmetric & public-key cryptography (2)
     • Example of symmetric cryptography
       • Key stream as long as the message
       • Key stream = pseudo-random sequence (easy to break)
       • Low security should be compensated by frequent change of keys ⇒ necessity of a secure channel
       • 2 channels: one for the message & one for the key

  7. Symmetric & public-key cryptography (3)
     • Example of public-key cryptography

  8. Symmetric & public-key cryptography (4)
     • Symmetric cryptography example: DES
     • Public-key cryptography example: RSA (1977)
     • Symmetric versus public-key cryptography
       • Symmetric cryptography is faster (about 1000 times).
       • Low security of symmetric cryptography (due to the necessity of key transport) is improved by a frequent change of the key.
       • In public-key cryptography the secret key may be kept secret. It is never transported ⇒ high security.
       • Different usage: in DVB, symmetric-key algorithm for encrypting data, public-key algorithm for key management (secure channel).
     • Hybrid cryptosystem
       • Example: DES for message and RSA for key encryption

  9. Cryptography and DVB (1/2)
     • Cryptography may prevent an unauthorised receiver from decoding the program.
     • DVB compared with banking or military secrets
       • high information rate
       • low information value
       • decryption must be cheap
     • The cost of cracking the system should be higher than the benefits gained from the cracking.
     • Cryptography in DVB is a trade-off between cost/complexity and resistance to piracy.
     • CA (Conditional Access) = very sensitive subject. Some service providers want their own CA system.

  10. Cryptography and DVB (2/2)
     • MPEG does not specify a conditional access (CA) system but defines a framework to support CA.
     • DVB specifies some aspects left undefined by MPEG; it defines a CA interface.
     • The broadcaster develops its CA system using a CA interface.
     • DVB is based on
       • symmetric cryptography for audio-visual transmission
       • frequent key change to increase security
       • public-key cryptography for key exchange
     • DVB relies on
       • a stream of ECMs (Entitlement Control Messages)
       • a stream of EMMs (Entitlement Management Messages)

  11. CA information in MPEG TS (1/2)

  12. CA information in MPEG TS (2/2)

  13. The CA mechanism: illustration
     [Diagram labels: SMARTCARD; Decryption of EMMs (CA system related); Decryption of ECMs (program related); Decryption of encrypted AV data into clear AV data; IK; PDK, PDK1, PDK2; SK; Entitlement; CWs; Access control parameters]

  14. The CA mechanism (1/2)
     • AV streams are scrambled with Control Words (CW) using symmetric cryptography.
     • CWs are encrypted using Service Keys (SK), are placed in ECMs and are securely transmitted to the receiver.

  15. The CA mechanism (2/2)
     • SKs are encrypted using public-key cryptography. Keys are IK (unique key internal to the smartcard) or PDK (transmitted via EMMs in order to define a user's group).
     • ECMs carry information related to a single program (⇒ PID of ECMs in PMT):
       • enciphered CW
       • access parameters
     • ECMs are decoded to CWs if the receiver contains the required entitlements.
     • EMMs carry information related to a conditional access system (⇒ PID of EMMs in CAT):
       • new entitlements, SKs (Service Keys)
       • programmer distribution key

  16. About DVB scrambling
     • Encryption occurs after compression (at the location in the stream where the redundancy is at its lowest value) in order to have a robust encryption system.
     • Encryption may occur at PES level or at TS level.
     • DVB scrambling is transparent (a valid TS remains valid after scrambling) ⇒ facilitates transport and manipulation.
     • Synchronisation is based on PCRs ⇒ constant time required for scrambling/descrambling.
     • The security device should authenticate the origin of EMMs.
     • CA is only one aspect of cryptography usage in DVB. Others may be copy protection (by watermarking) and authentication (by signature).
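
The key hierarchy of slides 14 to 16 (CW scrambles the AV data, SK protects the CW in an ECM, a per-card key protects the SK in an EMM, and the card authenticates what it receives), as an added example that is not part of the presentation. It is standard-library only, so one HMAC-SHA256 keystream-plus-MAC construction stands in for every layer, including the public-key protection of SK and the DVB scrambler itself; the PDK layer is left out, and the names `Smartcard`, `seal`, `unseal`, `xor_stream`, the 2-byte service id and the payloads are assumptions made for illustration.

```python
import hashlib, hmac, os

def xor_stream(key, nonce, data):
    # Toy keystream cipher (HMAC-SHA256 in counter mode), a stand-in for the real scrambler.
    out = bytearray()
    for i in range(0, len(data), 32):
        ks = hmac.new(key, b"ks" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], ks))
    return bytes(out)

def seal(key, payload):
    # Encrypt, then append a MAC so the receiver can authenticate the message origin.
    nonce = os.urandom(8)
    body = nonce + xor_stream(key, nonce, payload)
    return body + hmac.new(key, b"mac" + body, hashlib.sha256).digest()

def unseal(key, blob):
    body, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, b"mac" + body, hashlib.sha256).digest()):
        return None  # wrong key or modified message
    return xor_stream(key, body[:8], body[8:])

class Smartcard:
    def __init__(self, ik):
        self.ik, self.service_keys = ik, {}

    def on_emm(self, emm):
        # EMM: service id + SK, protected under this card's IK.
        plain = unseal(self.ik, emm)
        if plain is not None:
            self.service_keys[plain[:2]] = plain[2:]
        return plain is not None

    def on_ecm(self, service_id, ecm):
        # ECM: CW protected under SK; a CW comes out only if the entitlement is present.
        sk = self.service_keys.get(service_id)
        return unseal(sk, ecm) if sk else None

def demo():
    service, sk = b"\x00\x01", os.urandom(16)            # constructed service id and SK
    paid, unpaid = Smartcard(os.urandom(16)), Smartcard(os.urandom(16))
    paid.on_emm(seal(paid.ik, service + sk))              # head-end entitles one card only
    results = []
    for n, av in enumerate([b"constructed AV payload 0", b"constructed AV payload 1"]):
        cw, nonce = os.urandom(8), n.to_bytes(8, "big")   # fresh CW: frequent key change
        ecm, scrambled = seal(sk, cw), xor_stream(cw, nonce, av)
        clear = xor_stream(paid.on_ecm(service, ecm), nonce, scrambled)
        results.append((clear == av, unpaid.on_ecm(service, ecm)))
    return results
```

`demo()` returns one pair per key change: whether the entitled card recovered the clear payload, and what the unentitled card obtained from the same ECM.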
