International Product Marketing Manager Security Morten Ruud International Product Marketing Manager CONAX – SECURING THE FUTURE

Conax Global provider of security for content distribution Satellite IP Terrestrial Cable MMDS Global provider of security for content distribution CONAX – SECURING THE FUTURE

Pay TV Free to air Free to air and pay TV operator in broadcast TV viewers prefers a complete content offering Eases competition with satellite and cable Increased value for free to air operators Has happened in all markets Pay TV Free to air CONAX – SECURING THE FUTURE

Terrestrial provides a rich TV offering! RiksTV in Norway 25 TV channels 16 Radio channels Digitenne in Netherlands: 23 TV channels 19 Radio channels Conax CAS and Conax Pairing protects exclusive content like sport and early releases of series and movies to maximize revenue!! RiksTV will also offer a rich selection of HD movies as VOD Developed by 4 CONAX – SECURING THE FUTURE

Piracy trends in the Caribbean Many operators in the Caribbean experience problems where users are watching unauthorised TV. In the Caribbean, many operators are suffering from redistribution of unauthorized sport and Hollywood content. Where is this content coming from? CONAX – SECURING THE FUTURE

Where is this content coming from. Unprotected free to air Where is this content coming from? Unprotected free to air Unsecure set top boxes Analogous redistribution For pay TV operators there is a need for content protection, from the head-end, through the set top box! CONAX – SECURING THE FUTURE

Content, and its need for protection! Different technology for different contend; fingerprinting for sports, watermarking for hollywood content CONAX – SECURING THE FUTURE

Pay TV operator investments and revenue Investing into prime content at exclusive terms attracts new subscribers and makes the current subscribers loyal. To make the offering attractive for new subscribers, pay TV operators usually subsidize the set top boxes. The set top box, multiplied by the number of subscribers, and exclusive top content usually represents significant investments! The upside is, steady increase of loyal subscribers paying a monthly fee for years. CONAX – SECURING THE FUTURE

The challenge In broadcast, you do not know the recipients. How can you be sure only paying customers can watch your services CONAX – SECURING THE FUTURE

Conditional Access – CA Motivation Process of selectively determining if a particular user shall be made able to make use of a video/audio product being distributed via a broadcast medium. The motivation for conditional access is twofold: Cost control: restrict access to the content to just a particular geographical area or to a specific group of users due to limitations in programme rights Revenue source: force users that want access to the content to pay for it. Prevent commercial piracy. Commercial piracy occurs when the operator looses significant revenue due to a pirate distributing the means for un-authorized access to the content. CONAX – SECURING THE FUTURE

DVB Broadcast scenario Broadcasting implies transmitting information from one sender to many recipients – point to multipoint. Although digital television is becoming interactive so that a consumer’s decoder/set-top-box (STB) can communicate with a central server, the delivery of the content itself is still one- way communication. Interfaces for CA is standard (DVB) but CA itself is proprietary CONAX – SECURING THE FUTURE

The scenario; Protect a point to multipoint one-way information stream Consumers are in general not interested in secure communication – they would like to get the content product for free if they could. Broadcast content is normally intended for a consumer audience, implying that the reception equipment including any security devices must be low cost. The laws and law enforcement regarding signal theft is weak in many jurisdictions, and the large revenue potential associated with pay-TV attracts well-funded, skilled and organized pirates. These factors constitute the scenario in which to implement secure communications. This scenario is quite different from two-way systems like GSM where fraud detection is easier, and from on-line bank transactions where the consumer has an interest in the security not being compromised. CONAX – SECURING THE FUTURE

Conditional Access System Controls the encryption on the transmit side and determine if a specific consumer shall be granted access to the content. Usually implemented in a smart card on the receive side. The smart card provides for a tamper resistant environment. The smart card communicates with an embedded application in the client (STB, CAM or other type) ECM The session key for the decryptor in the client is carried in a particular type of conditional access system messages, denoted Entitlement Control Messages (ECM) The smart card decrypts the ECM, then compares the service reference and entitlement information in the ECM with corresponding information stored in the card. If authorisation is given, the smart card releases the session key to the STB for the STB to descramble the scrambled payload. EMM Authorisations, and other CA specific infomration, for smart cards are carried in Entitlement Management Messages (EMM). CONAX – SECURING THE FUTURE

The broadcast security scenario and the implications One way communication and available to all Recipient not required to respond per piece of information Emitter cannot detect who and how many are on Return path for requesting keys/entitlements does not help as pirates arranges for whatever is required through their own network Encryption techniques used to protect the broadcast content Encryption is controlled by keys Piracy can happen if: Encryption techniques are simple enough for production of a cheap inverse Keys become known Keys and encryption techniques can be copied Signal is redistributed and is prevented by: Complex encryption techniques Keeping keys secret Making it difficult to copy keys and encryption techniques CONAX – SECURING THE FUTURE

Access/No Access A CA System is involved in two separate, yet parallel processes in a pay-TV operation: Prevent access: The CA System together with the scrambler makes sure that the signal is scrambled and unavailable for unauthorized viewers. Give access: The CA System together with the scrambler and STB makes sure that the signal can be descrambled for authorized viewers. CONAX – SECURING THE FUTURE

Entitlement Control Messages (ECMs) Subscriber Management System (SMS) ECM Generator (ECMG) EMM Injector (EMMI) Subscriber Authorization System (SAS) Multiplexer / Scrambler 1 2 STB Smart card The scrambler scrambles the content based on a session key, known as Control Word (CW). The same CW is sent to the ECMG, which puts it into an ECM together with access criterias and a time reference. The ECM is then encrypted and sent back to the scrambler for insertion into the transport stream. The STB receives the ECM and sends it to the smart card. The smart card decrypt the ECM and checks the access criteria against it’s internal subscription table. If the smart card has a matching access criteria loaded in memory, the CW will be sent to the STB for descrambling, if not the smart card will not send the CW and hence the STB is not able to descramble the content. CONAX – SECURING THE FUTURE

Entitlement Management Messages (EMMs) Subscriber Management System (SMS) ECM Generator (ECMG) EMM Injector (EMMI) Subscriber Authorization System (SAS) Multiplexer / Scrambler 1 2 3 4 STB Smart card The Subscriber calls to subscribe to a service. The SMS generates a request and sends it to the SAS. The SAS generates an Entitlement Management Message (EMM), encrypts it and sends it to the EMMI. The EMMI sends the EMM to the mux/scrambler for insertion into the transport stream. The STB receives the EMM and sends it to the smart card. The smart card updates it’s internal subscription table. CONAX – SECURING THE FUTURE

Group Key EMM Subscription Group Key Subscription ECM Service Key Program Scrambled program Control Word Control Word CONAX – SECURING THE FUTURE

Simulcrypt basics Simulcrypt is specified by DVB to allow multiple CA systems to scramble the same content without simulcasting. The standard specifies the interfaces between the head-end equipment and the CA system Why simulcrypt? standarise system interfaces, increasing inter-operability between manufacturers save bandwith when the option is to simulcast to share content from a broadcaster between operators using different CA (for example MTV in Europe) to introduce a new CA to an operation (to increase competition, or swap provider) CONAX – SECURING THE FUTURE

How does it work? DVB Simulcrypt allows multiple CA systems to co- exist on a system by; specifying unique IDs for each manufacturer specifying data structures in the Program Specific Information (PSI) tables, so that clients can identify the CA system in use PSI data is used by the clients to locate the CA specific data for the channel it is tuned to the Simulcrypt Synchroniser (SCS) is used to synchronise the scrambling of a service with a Control Word with the various systems ECM generation CONAX – SECURING THE FUTURE

Hardware or Software Security? CONAX – SECURING THE FUTURE

Software versus Hardware security module Manipulation Medium (with cloaking, otherwise easy) Hard Recovery from piracy (not without upgrade of HW) Easy (by replacing a relative low cost element) Keeping keys secret (with cloaking) Yes Copying of device with keys is feasible (i.e. easy) CONAX – SECURING THE FUTURE

Hardware Security Module Smart card Smart card – STB combination satisfy the broadcast scenario security requirements Smart cards: Single chip designed for physical protection of keys Smart card software is in complete control of entire chip Smart cards can perform all key related processing necessary Smart cards without keys are useless Smart cards with keys are not easy to copy Smart cards deny the pirate what is needed to make pirate devices Best combination: security – cost – flexibility Minimum cost for a hardware device (single chip) Convenient format for distribution and use CONAX – SECURING THE FUTURE

Conclusion Hardware CAS is superior to Software CAS in broadcast scenario If software CAS is hacked, recovery is in principle not possible unless client hardware is upgraded Software CAS alternative only if piracy pressure is low due to low value content and/or small network then, in small networks, back-end cost dominates - not the cost of a few cards But 1, if a card is hacked, security can only be fully restored by swapping the cards of that type But 2: Unlike software, if cards are swapped, security is indeed restored Content providers are more comfortable with hardware CAS CONAX – SECURING THE FUTURE

How to improve security further? CONAX – SECURING THE FUTURE

Conax head end technology Conax client device technology Content protection from the head-end through the consumer device Conax Conditional Access and Conax Chipset Pairing Protects the content from the head end, through the client device SW controlled by the Conax protected bootloader in the STB STB tested by Conax and authorized by the digital TV operator Control words not in clear anywhere Digital content not in clear anywhere Controls that certain content can be unscrambled on such STBs only Bootloader key should be owned by the operator, not by the CA vendor – you do not want to be held hostage by your vendors! Conax head end technology Conax client device technology CONAX – SECURING THE FUTURE

The Conax Solution - Conax Pairing Secure content protection from the head end through the set top box. On the set top box side secrets are stored in the vault of the set top box chipset and the smart card. Control word or content not in clear anywhere. The operator securely controls the set top box population. The operator securely controls that certain content can be watched on such set top boxes only. CONAX – SECURING THE FUTURE

The Conax Solution - Conax Fingerprinting An unique solution to identify any unauthorized redistribution. Needs to be done in the set top box. Secured by Conax Pairing. Successfully deployed in markets where unauthorised analogous redistribution is an issue. 21455221584 CONAX – SECURING THE FUTURE

How secure is secure – Conax security evaluation Level 9 Level 0 CONAX – SECURING THE FUTURE

Conax security evaluation certificate CONAX – SECURING THE FUTURE

Conax facts and figures Focus on content security only! Fastest growing. 300+ customers in 80+ countries. Largest supplier into Scandinavia, China, India, Russia and Latin Americas. Protecting the most valuable content in markets with the most active pirates. No piracy attack with commercial impact. Well funded to stay ahead of pirates. CONAX – SECURING THE FUTURE

Summary Select a set top box with a high security level. Select a content security provider with a solid track record! Select a content security provider well funded to invest into staying ahead of piracy! CONAX – SECURING THE FUTURE

Would you leave your future unsecured? Thank you! CONAX – SECURING THE FUTURE