Cryptography Reference
In-Depth Information
As previously mentioned, video broadcast schemes use symmetric key
hierarchies. At the 'top' of each these hierarchies are keys that are shared only by
the broadcast provider and a particular consumer, which we refer to as
consumer
keys
(CKs). In a simple system, with relatively few consumers, these CKs could
be used to encrypt the KEKs. However, there are two reasons why this is not very
practical:
1. Most video broadcast systems have so many consumers that sending an
encrypted KEK in this way would require too much bandwidth, since a unique
ciphertext would have to be sent for each consumer.
2. Each KEK itself must be frequently changed, for similar reasons to the CEKs.
This might happen, say, on a daily basis. Thus the bandwidth problems are
further exacerbated by the need to frequently update the KEKs.
The compromise is to deploy
zone keys
(ZKs), which are keys shared by groups
of consumers. Zone keys have longer lifetimes than KEKs, but shorter lifetimes
than CKs. A relevant ZK is initially sent to a consumer encrypted using their
CK. The consumer then uses the ZK to recover KEKs, which are used to recover
CEKs. When a ZK needs to be changed, the new ZK does need to be sent to every
consumer who requires it, but this event occurs much less frequently than for
KEKs (which in turn occurs much less frequently than for CEKs).
The consumer keys, which sit at the top of these key hierarchies, are stored
on the smart cards of the content access devices. They are thus established prior
to the issuing of the smart cards to the consumers. A simple example set of key
hierarchies is shown in Figure 12.10. In this example there are are five consumers,
divided into two zones. In practice, multiple layers of zone keys can be deployed
in order to enhance scalability.
CK
1
CK
2
CK
3
CK
4
CK
5
ZK
2
ZK
1
KEK
CEK
Figure 12.10.
Digital video broadcast scheme key hierarchy
