Video broadcast schemes provide a good example of the benefits of using
a symmetric key hierarchy in order to provide scalable key management. It is
worth noting that, unlike the encryption of the content, there are no standards
mandating the encryption algorithms used to distribute keys in the hierarchy.
Thus different content providers are free to choose their own methods for
doing this.
VIDEO BROADCAST ACCESS CONTROL
Encryption of the broadcast content prevents anyone who does not have a content
access device with a smart card containing a consumer key from recovering
broadcast content. However, it should be apparent that a consumer who does
have a valid CK will be able to recover content. This poses a potential problem
when a consumer's contract with a broadcast provider ends since, in theory, the
consumer will still be able to access broadcast content until the next update of the
relevant ZK.
In practice, this problem is addressed by the enforcement of access control in
the content access device (see Section 1.4.6). Each consumer is issued in advance
with their content access rights, which identify the content the consumer
has permission to access. These rights are distributed to a consumer in a special
management message, encrypted using the consumer's CK. These content access
rights can be updated at any stage using a similar process. Before a content access
device attempts to recover any content, it first checks the consumer's content
access rights to find out whether the consumer is entitled to access the content. If
they are, the content is recovered; otherwise the content access device refuses
to proceed.
Thus video broadcast schemes have a two-tiered approach to protecting
content. At one level there is access control, enforced by the content access device.
The other level is cryptographic control, enforced by using the symmetric key
hierarchy. A 'normal' consumer should be prevented by the hardware controls
from determining their CK and thus cannot alter the content access rights that
they have been issued with. However, even a consumer who is able to do this
will ultimately be 'shut out' of their ability to access content through the key
establishment controls that we previously described.
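The two tiers described above can be modelled as follows. This Python model is an added example, not part of the original text: it assumes content is sealed directly under ZK and that rights and ZK travel in JSON management messages, and seal/unseal are a stand-in cipher with hypothetical names throughout.

```python
import hashlib, hmac, json, os

def seal(key, plaintext):
    # Stand-in authenticated encryption (SHAKE-256 keystream + HMAC tag), illustrative only.
    nonce = os.urandom(16)
    stream = hashlib.shake_256(b"enc" + key + nonce).digest(len(plaintext))
    body = nonce + bytes(p ^ s for p, s in zip(plaintext, stream))
    return body + hmac.new(key, body, hashlib.sha256).digest()

def unseal(key, blob):
    body, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, body, hashlib.sha256).digest()):
        raise ValueError("wrong key or modified message")
    stream = hashlib.shake_256(b"enc" + key + body[:16]).digest(len(body) - 16)
    return bytes(c ^ s for c, s in zip(body[16:], stream))

class ContentAccessDevice:
    def __init__(self, ck):
        self._ck, self._zk, self.rights = ck, None, set()  # CK lives on the smart card

    def management_message(self, blob):
        msg = json.loads(unseal(self._ck, blob))  # accepted only if sealed under this CK
        self.rights = set(msg.get("rights", self.rights))
        if "zk" in msg:
            self._zk = bytes.fromhex(msg["zk"])

    def recover(self, channel, broadcast):
        if channel not in self.rights or self._zk is None:  # tier 1: access control
            raise PermissionError(f"no access to {channel}")
        return unseal(self._zk, broadcast)                  # tier 2: cryptographic control

def demo():
    ck, zk_old, zk_new = (os.urandom(32) for _ in range(3))  # constructed sample keys
    mm = lambda **fields: seal(ck, json.dumps(fields).encode())
    dev, out = ContentAccessDevice(ck), {}
    dev.management_message(mm(rights=["sport"], zk=zk_old.hex()))
    out["entitled"] = dev.recover("sport", seal(zk_old, b"sport frame"))
    try:
        dev.recover("films", seal(zk_old, b"film frame"))
    except PermissionError:
        out["not_entitled"] = "refused"
    dev.management_message(mm(rights=[]))         # contract ends: rights withdrawn
    dev.rights = {"sport"}                        # models a consumer who has altered their rights
    out["altered_rights"] = dev.recover("sport", seal(zk_old, b"sport frame"))
    try:                                          # the new ZK is never sent under this CK
        dev.recover("sport", seal(zk_new, b"sport frame"))
    except ValueError:
        out["after_zk_update"] = "shut out"
    return out
```

Altered rights keep working only while the old ZK is in use; once content is sealed under a ZK that was never delivered under this consumer's CK, the device can no longer recover it.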
VIDEO BROADCAST KEY STORAGE
In hardware-based content access devices all the relevant keys, including the
important consumer key, are stored on the smart card. However, there remains
one potential point of vulnerability. Since content access devices are designed to
be interoperable between different broadcast providers, the interface between the
smart card and the rest of the content access device is standardised and hence well
understood. This potentially allows an attacker to attempt to obtain a CK when
it is transferred between the smart card and the rest of the content access device.
For this reason, a shared symmetric key between the smart card and the rest of
the content access device is often established, in order to secure this interface.