Renewable security
This article includes a list of references, related reading, or external links, but its sources remain unclear because it lacks inline citations. (February 2012) |
Renewable Security was a concept that evolved after the repeated hacks of analogue TV encryption systems in the late 1980s. Simply stated, rather than completely replacing a hacked TV encryption system, only part of it would have to be replaced to make it secure again.
Embedded secure processor
[edit]The decoders at that time often contained all of the conditional access control data in a microcontroller. This data consisted generally of the decoder's identity, the subscriber's identity number and subscription data. When the decoder was hacked, the whole system was effectively compromised as other subscriber identity data could be substituted and the hackers had control. This security model also more commonly known as the Embedded Secure Processor model as the secure processor, the microcontroller, was embedded in the decoder itself.
Detachable secure processor
[edit]The systems manufacturers countered with the Detachable Secure Processor model. In this security model, the decoder itself would not be the critical part of the system. The subscriber identity data and subscription details would be stored in a smartcard - the Detachable Secure Processor. Any compromise of the smartcard could then be countered by issuing a new, more secure, smartcard to subscribers.
Advantages and disadvantages
[edit]Renewable Security is good in theory. It provides hackers with a moving target rather than a stationary one. In the VideoCrypt system, the initial expectation was that the smartcards would be replaced every six months thus making the emergence of a pirate smartcard less likely. In reality, changing or upgrading the smartcards on a widely used TV Encryption system can be expensive and is done as infrequently as possible.
References
[edit]- John McCormac. European Scrambling Systems 5 – The Black Book, Waterford University Press, 1996, ISBN 1-873556-22-5.
- National Renewable Security Standard CEA679
- Digital Video Broadcasting (DVB);IP Datacast over DVB-H: Service Purchase and Protection Technical Standard ETSI TS 102 474
- Method for protecting the audio/visual data across the NRSS interface