Research on the defects of satellite digital television system and its solutions

1 Introduction

The DVB-S digital satellite live broadcast system standard is designed to meet the bandwidth of satellite transponders and the transmission characteristics of satellite signals. At present, this standard is widely adopted in the domestic satellite digital TV market. Its copyright protection is mainly based on the conditional access system (CAS). The principle of the system is to transmit the appropriate control word (CW) to the descrambling end to control the entire scrambling and descrambling program process, and only when a user is authorized to use a certain program, the descrambling control word is transmitted to the specific user to achieve encryption protection during program transmission. The core of conditional access is the control of control word (CW) data transmission. For a long time, in the satellite encryption program market based on DVB standard transmission, there has been a phenomenon of spreading the decryption information CW control word through the Internet and other means to illegally watch satellite programs. In recent years, with the advent of the climax of satellite digitization, such problems have also begun to appear in the satellite digital TV market. This method is usually called CW sharing.

2 Current situation

Regular encrypted satellite TV reception requires one machine with one genuine card. Since genuine cards are expensive, shared service providers use various channels to share the CW data on a genuine card with multiple users at a lower price, making huge profits. This infringes on the legitimate rights and interests of satellite operators and disrupts the normal order of the domestic satellite digital TV market.

There are currently two CW data sharing channels in the market that illegally receive encrypted satellite programs. One is to share CW through the Internet, and the other is to share CW through satellite.

2.1 Network shared CW reception

Network shared CW reception is shown in Figure 1. The shared server sends the ECM of a specific encrypted channel to the corresponding genuine card. The genuine card decodes the CW and returns it to the shared server. The shared server transmits the CW to the illegal terminals of pirated users through the network and other channels. The shared server is equipped with multiple card readers and smart cards to provide illegal terminal users with digital satellite TV with different channels.

[page]

2.2 Satellite shared CW reception

The basic principle of satellite shared CW reception is shown in Figure 2. It is a newly emerging sharing channel. It downloads all the ECM and corresponding CW data of the shared signal provided by the satellite and stores them in the shared key flash memory (FLASH) of the shared receiver. When the shared receiver receives the encrypted signal, it sends an ECM request to the shared key flash memory to the genuine card. The shared key flash memory sends the matching CW from the genuine card to the receiver, thereby decrypting the image.

[page]

3 Reasons for defects

The reason why CW sharing can happen is mainly due to the design of the DVB architecture itself. In the DVB simul-crypt architecture, scrambling and descrambling are two separate processes: scrambling is completed by the front-end scrambling device, and descrambling is achieved by the descrambling circuit of the set-top box chip; encryption and decryption mainly complete the protection of the scrambling and descrambling control words. After the control words are generated by the scrambler at the front end, they are encrypted using the encryption machine of the conditional access system (CAS), and decryption is completed by the smart card provided by the CAS.

In the case of simultaneous encryption, the boundary of CAS is defined as "encrypting CW at the front end and decrypting CW from ciphertext to plaintext on the terminal smart card", but there is no clear definition of "the process after CW is decrypted from the smart card and sent to the set-top box through the interface".

In addition, due to the need for standardized production of set-top box chips, set-top box chips are required by default to have no difference in supporting different CAS. Under this concept, the CW interface set on the set-top box chip is usually adopted for transmission in plain text.

4 Six solutions

From the above analysis, it can be seen that CW sharing is a defect in the DVB system. In order to prevent legitimate CW from being eavesdropped and shared, the following technical solutions are available:

1. CW encrypted communication and set-top box security chip, where CW encrypted communication is protected by encrypted communication between the set-top box and the smart card. The set-top box security chip realizes a secure path from the smart card to the set-top box descrambling circuit, so that the CW plain text only appears inside the descrambling circuit and cannot be obtained from the outside. This preventive measure should be said to be the best way at present. Its shortcomings are: on the one hand, since the CAS manufacturer-related keys are pre-embedded in the chip, it has a certain degree of lock-in, which may increase the cost of operators to replace the CAS system. On the other hand, the set-top boxes that are currently in large use do not use security chips, and these users are also at risk of CW sharing.

2. Operators can use some technical means according to the situation. For example, operators can send un-cracked commands to attack the vulnerabilities of the shared server software, making the shared server unable to work normally; or by shortening the sending frequency of data packets. After all, shared software users do not have a complete set of smart card information, and sending some strange commands and very long or very short commands may cause processing errors, resulting in a large number of users who share CW through the network to watch black screens due to untimely reception of CW.

[page]

3. Limit the number of times the genuine card can be read and written to increase the cost of the shared server. Limiting the number of ECM decryption times will limit the operation of the shared server. This method will greatly increase the cost of shared services because more cards are now needed on the server to decrypt all channels.

4. Copyright identification is achieved through digital video watermarking, and pirate tracking is achieved through video fingerprinting. Digital fingerprinting can solve the problem of multiple users sharing pirated content. By identifying the rebellious user who shares the CW, their smart card can be disabled. To identify the pirates of the shared CW, the CWs of different users need to have certain differences. The solution in this regard is to identify one pirate or multiple accomplices through CW fingerprinting and CW dyeing. This technology reduces the pressure of encryption protection and forms a greater deterrent to pirates who share CWs.

5. Shorten the CW switching speed. If the switching speed is faster than the network transmission delay, the receiver will receive intermittent signals or even be unable to watch them at all. Since the amount of ECM data inserted is relatively small, and in order to ensure stable viewing, the system is designed to take into account occasional transmission errors, with the characteristics of 2 CWs switching in turn and 2-3 ECM data switching for one CW.

6. In the development of DVB-S2, the encryption method was considered for data stream transmission between the decoder and the two ends to encrypt the code stream in order to prevent the data from being read out from the bus interface to protect the copyright. If the bus signal interface is encrypted, it is even more so for the CAS system. A similar method is also used for the data of the CAS interface. Once this is done, the shared users will not be able to obtain the original ECM and CW, and the encryption key of each machine is still randomly generated and different. As a result, it is difficult to implement shared terminals and servers.

5 Conclusion

CW sharing is a system defect of DVB. In a sense, all CAS currently have this problem, which is a challenge faced by all CAS manufacturers. Solving the control word sharing problem requires not only the efforts of CAS providers, but also the support of the set-top box hardware and software environment. Technical solutions can increase the cost of piracy for non-profit sharing enthusiasts, but cannot prevent well-funded organized groups and companies with profit-making purposes. For profit-making sharing service providers, in addition to increasing their cracking research and development costs, they also need to crack down on their illegal activities through legal means. By obtaining evidence of illegal service provision, resorting to law through public security organs to crack down on sharing service providers.