DRM and Set-top-box security

Tunstall, M., Markantonakis, K., Mayes, K.: Inhibiting Card Sharing Attacks. In: Yoshiura, H., Sakurai, K., Kai Rannenberg,, Murayama, Y., and Kawamura, S. Advances in Information Security and Computer Science, 1st International Workshop on Security, IWSEC2006,. p. 239-251. Springer Berlin Heidelberg, Berlin, Heidelberg (2006). WebsiteAbstract
The satellite TV industry relies heavily on the use of smart card technology at the very heart of broadcasted services that are protected by legacy conditional access systems. The process of Satellite TV signal protection is distributed amongst a number of system components, e.g. smart cards, receivers, Conditional Access Modules (CAM) and the content provider. However, the introduction of Open-Satellite Receivers, providing a highly configurable environment with software emulation of conditional access systems, enabled the implementation of whole range of new attacks. A widely deployed attack is often referred to as the Card-Sharing attack, by which one legitimate user colludes to provide protected content to a larger group of unauthorised users. This paper proposes a countermeasure that increases the bandwidth requirements of this attack to the point where it is no longer practical with a standard internet connection, with a minimal impact on existing protocols and architectures.
Msgna, M., Akram, R.N., Markantonakis, K., Mayes, K.: Subscriber Centric Conditional Access System for Pay-TV Systems. 10th IEEE International Conference on e-Business Engineering (ICEBE 2013). p. 450-455. IEEE Computer Society Press, Coventry, UK (2013).Abstract
A pay-TV system is a digital broadcasting system, where content providers charge subscribers a subscription fee. Such a system is a combination of a Conditional Access System (CAS), a smart card and a Set-Top-Box (STB). The current Pay-TV system business model follows a circle of dependency, wherein the service provider, the CAS vendor and the STB manufacturer have to work in a restricted vertical market. Furthermore, the unilateral communication channel between the transmitting and receiving ends makes distinguishing compromised cards (keys) and identifying the corresponding subscribers difficult. Additionally, the subscribers are compelled to be bound into using one specific STB pre-determined by the service provider, as such they can not access their entitlements via arbitrary STBs or receive content from other service providers. In this paper, we briefly analyse the existing CAS, the advantages and drawbacks associated with it. In addition, we discuss a new CAS architecture, briefly analyse its operational and security requirements of such a CAS. Our proposal delegates the ownership of the CAS to the subscribers.
Francis, L., Sirett, W.G., Mayes, K., Markantonakis, K.: Countermeasures for Attacks on Satellite TV Cards Using Open Receivers. Proceedings of the 2005 Australasian Workshop on Grid Computing and e-Research - Volume 44. p. 153-158. Australian Computer Society, Inc., Darlinghurst, Australia (2005). WebsiteAbstract
Digital content providers seek to restrict usage by implementing conditional access. One such scenario is the security aspects of digital video broadcast (DVB-S). There has been a history of attacks on this technology to circumvent any security measures and some techniques have been countered by the deployment of customised/provider specific receivers. However, this leads to less choice and the duplication of equipment at the customer level. Open satellite receivers have been introduced to allow a single user to access several different services from a single piece of receiver equipment. These boxes provide a highly configurable environment with software emulations of conditional access systems that is open to abuse. The internet has allowed communities with in-depth expertise to grow up around open receiver equipment, effectively communicating attack methods as they evolve. A new level of emerging attack is a card sharing by which one legitimate user colludes to provide protected content to a larger group of illegitimate users. In this paper we propose countermeasures to protect DVB-S content against this species of attack by enforcing behavioural contracts and correct usage guidelines within the smart card.