Research on a Cable-free Conditional Receiving Technology for Smart Cards

0 Preface

With the acceleration of the digitalization process of cable TV, it has become an inevitable trend for the cable TV industry to develop directly for the TV programs and value-added services that users want to watch. Conditional reception means that the paid user can receive the TV program and service service that he has reserved, and the unpaid user cannot obtain the service. Conditional reception must address two issues, namely how to charge a fee from the user and how to prevent the user from viewing those unauthorized paid channels. At the front end, the program is scrambled or received, and the user is addressed. The addressable descrambling at the user end is the basic way to solve these two problems.

The basic purpose of the CA (Conditional Access) system is to perform authorization control and authorization management for users in the cable television system, thereby realizing the paid service of the digital television broadcasting system. At present, all CA systems need to use a special data scrambling controller in the front-end system as the set-top box of the receiving end. According to the program scrambling system used in the cable TV front-end system, the corresponding smart card must be integrated to control the user. Purpose, additional hardware support and CA vendor certification fees increase the cost of the set-top box. The application of these professional CA systems as small public places such as hotels and community service stations is obviously too costly, because the end users like these public places generally have less than 10,000 units, and the requirements for data encryption and decryption are not very high. Based on the above reasons, the system proposes a conditional access technology that does not require a smart card.

In the system, the front end uses a DVB (Digital Video Broadcasting) scrambler to scramble the audio and video transmission stream by using a fixed cw (Control Word), and encrypts the CW by using a double DES encryption algorithm to generate an ECW (Encrypt Control Word). , the scramble control word), the ECW, the user ID information, and the user authorization status. The LCA (Local Conditional Access) management server generates the corresponding EMM information and the announcement file such as the Message. In this system, the ECM (Entitle Control Message) It is also transmitted in the form of EMM (Entitle Management Message) data. For the client, the user only needs to use the set-top box of the integrated LCA embedded software system to realize the announcement information of the program, such as hierarchical viewing, program preview, Email and Message. Reception.

1 LCA system principle

The purpose of conditional reception is to form a complete descrambling system according to the service applied by each user, so that each user can get the corresponding service on the basis of paying the fee on time, in order to enable the user to get the corresponding Service, it is necessary to scramble control of DVB and MPEG-2 standard transmission code stream. The so-called scrambling refers to changing or controlling certain features of the transmitted program under the control of the front-end LCA system, so that unauthorized users cannot obtain it. The services provided. The process is that the front-end system passes the original transport stream through the CW for real-time scrambling control. The receiving end system obtains the corresponding encryption key by parsing the EMM, and restores the scrambled data stream to the original transport stream through the key. The key to realizing digital TV authorization management control is conditional access technology, and the core part of conditional access technology is the control of CW transmission, because the CW can recover the scrambled data stream into a transparent data stream. The system performs two-fold DES encryption operation on the CW through the user's fixed ID number and service key, thereby ensuring the security of the CW transmission.

1.1 front-end conditional access system

In a conventional CA system, information related to conditional reception is transmitted through two data streams, ECM and EMM. The ECM includes information such as program source, broadcast time, content classification, and program viewing level. The EMM contains addresses, user authorization information, and so on. In this system, in order to improve the information transmission rate, program management and user management information are transmitted through the EMM, that is, the ECM data information is also loaded into the EMM information for transmission, so the CW encrypted by the service key SK (ServiceKey) is The ECW is also transmitted through the EMM. The SK is also encrypted by the user's personal distribution key PDK (Personal Distribute Key) before transmission. In this system, the PDK is the fixed IRD serial number of each set-top box. The CW encryption process is done in two steps:

Step 1: According to the current state of the timer, randomly generate a 32-bit value, denoted as SK; use IRD number as input, and IRDnumber is PDK value. As a key, SK uses the DES algorithm as an encryption operation, and outputs an encrypted SK, which is called ESK (EncryptService Key). The process is shown in Figure 1.

Figure 1 DES algorithm for SK encryption

The second step: the CW value is used as the input. The ESK generated in the first step is used as the new key, and then a DES encryption operation is performed to obtain the final output result ECW, that is, the “user key”. The process is as shown in FIG. 2 . Show.

Figure 2 DES algorithm for CW encryption

The IRD number is stored in the fixed area of ​​the Flash ROM of the set-top box as the fixed serial number of each set-top box. According to the state of the timer, after the system determines that all users receive the current key SK, the key is invalid. In this case, a new secret needs to be allocated. The key is used to encrypt the CW. The time for distributing the key is determined by the number of users of the entire system and the bandwidth allocated by the system for this purpose. The EMM data information in this system adopts the EMM-U (u-nique) format, that is, each set-top box Occupy an EMM Sec-tion, the length of each Section is fixed to 256 bytes, so if the EMM data volume is calculated by 5000 users and transmitted at 100Kbps, passing a cycle requires T=5000 256$8/100000=100 seconds. . In order to ensure that the user can also view the current program during the EMM transmission cycle, each user is stored with two keys, one for current use and one for next use. These two keys are called even and odd keys respectively. . The EMM data stream descriptor contains a flag indicating that it is an even key or an odd key, and the descrambler stores the key in the appropriate location after receiving it. If the current key encryption is used, the new key is simultaneously allocated. The key is an odd key. After the system determines that all users receive the new key, the key is invalidated, and the newly assigned odd key is activated to decrypt the data, and the next key assignment starts with the new even key.

Since the EMM data is transmitted in the EMM-U format, it is necessary to assign a separate PID (Packet I-dentifier) ​​to the EMM data, which is recorded as the EMM PID, and considering the multiplexer to increase the DVBTable problem, the EMM PID and the current The service key SK is placed in the private data of the Network Information Table (NIT), and its description field indicates a value of 0x84. EMM Section is packaged in the DVB standard package format, and its PID value is EMM.

PID, Table ID is set to 0x88. In order to facilitate the setting of the set-top box filter of the receiving end, the version number (Version Number) and the IRD serial number of the current EMM information are added in the EMM Section, and the current EMM is indicated in the data field by the target word Targets. The type and structure of data, for example, when Targets is equal to 0x92, it indicates that the current EMM Section data is announcement information such as Message or Email; when Targets is equal to 0x91, it indicates that the current EMM Section data is encrypted CW, that is, ECW.

1.2 Receiver conditional access system

The main function of the receiving conditional receiving system is to analyze the EMM data and control the user's graphical interface. After the receiving set-top box is powered on, the IRD number is read at the fixed address of the Flash ROM, and the NIT Table is searched to obtain the LCA EMM PID and the current secret. Key SK; set PID filter, search for Pack-et with PID value of LCA EMM PID. Considering the processing of laiD filter and the burden of large amount of data processing on the set-top box, the IRD number and Table ID are combined together to make EMM data filter. The obtained data is the EMM section required for the set top box corresponding to the IRDnumber. The version number of the current package and the previous package is compared to determine whether the EMM data is updated. If the EMM is updated, the related information is displayed on the graphical interface of the user according to the obtained data. .

2 LCA system structure model

The LCA system consists of a front-end system and a client system. The front-end system includes several modules such as an encoder, a scrambler, a multiplexer, a QAM modulator, and an SMS (Subscriber Management System). The management of user information and program information is the basis for conditional reception. In the front-end system, the function of managing user information and program information is mainly implemented by SMS. The CA subsystem in SMS mainly completes the packaging of ECM and EMM data and key information. Encryption feature. In the traditional CA system, ECM and EMM data information are transmitted through separate sections. The decryption and descrambling of data are completed by smart cards integrated in the set-top box; the program authorization information and user management information in the system pass the EMM data. The format is transmitted, the current SK is controlled by a timer, and then the PSK encrypts the SK, and finally the ESK encrypts the CW, and the three-layer encryption mechanism completes the secure transmission of the transport stream on the broadcast network. The time at which the user is addressed and the key is distributed in the system is determined by the number of users of the entire system and the bandwidth allocated by the system for this purpose.

The user terminal is mainly composed of a set-top box integrated with the LCA embedded software system and a common home TV set. The CA subsystem completes the parsing of the MPEG-2 data stream, implements various multimedia services provided by the system, and the EMM encryption information is completed in the CA subsystem. To decrypt the data, firstly obtain the LCA EMM PID and the current key SK in the description field of the NITTable according to the fixed IRD number of the receiving set-top box; set the filter to search for the data packet whose PID is equal to the EMM PID and the Table ID is equal to 0x88; The obtained EMM data packet is classified and classified according to the logo word. If the current EMM data type is ECW (Targets is equal to 0x91), the DES inverse operation is invoked to decrypt the ECW, and the descrambling of the audio and video data is completed according to the obtained CW. In addition, because the data is decrypted by the even key and the odd key during the transition time of the key distribution, two different ECWs are obtained when parsing the type of data, one of which is labeled "Now" and the other is labeled It is marked as “Next”; if the current EMM data type is announcement information, the user graphical interface is directly called for display. The overall structural model is shown in Figure 3 and Figure 4.

Figure 3 LCA front-end system

Figure 4 LCA client system

3 Conclusion

This paper proposes a structural model of conditional access system based on DES encryption technology without smart card. In this model, CW is encrypted and controlled by two DES encryption operations at the front end. User information and program information are transmitted in EMM-U format. The set-top box decrypts and descrambles in software to implement authorization control of the digital TV service. Compared with the traditional CA system, the system does not need to integrate a professional smart card system in the set-top box, thus reducing the hardware cost and research and development cost of the set-top box. The system provides a control platform for some small cable TV network management institutions such as hotels and communities.

(Text/1. School of Basic Science, Changchun University of Technology, Yan Yigong; 2. School of Computer Science and Engineering, Changchun University of Technology, Dong Guozhen)

Pleated Blinds

Pleated blinds and contemporary style just go – the clean, orderly design is a perfect match. And they only use a small space at a window, which is great for enhancing the sense of openness in a cramped room. When lowered, Pleated blinds with standard fabrics allow sunlight to gently filter into a room, creating a cosy effect. Meanwhile, blackout fabrics are ideal for bedrooms, where they`ll help stop the dawn sun waking you in the early morning. Pleated blinds are great at preventing heat escaping through your windows. So you can dial down the thermostat and save on energy bills while staying snug through winter.

Pleated Blinds

Pleated Binds,Cordless Pleated Blinds,Light Filtering Pleated Blinds,Skylight Pleated Blinds,Blackout Pleated Blinds

Dongguan Xindayuan Window Covering Products Co., Ltd. , http://www.xyndaxchina.com