Introduction to digital TV CA Technology

With the development of TV technology towards digital video broadcasting, more and more advanced computer network communication technologies are applied in digital TV
Technology, conditional receipt ca
(Conditional

Access) technology plays an important role in the application of digital TV platforms. The CA system of the digital TV platform controls the access of the broadcast receiver by the broadcast operator and determines whether the receiver has access
Permission to receive related TV programs. Therefore, the CA technology is based on commercial purposes. It not only ensures that users can freely choose to receive program content, but also protects the interests of broadcast operators, that is, it ensures the authorizer and the authorized person.
Benefits.

I. Technical coverage of the CA system in digital TV

The CA conditional Receiving System is an integrated system for implementing digital television broadcasting business authorization management and receiving control. It mainly integrates core technologies such as anti-disturbing technology, encryption and decryption technology, and codec, it also includes the set-top box technology, smart card technology, digital multiplexing technology, and system management technology (including user management, program management, and billing management.

Ii. Composition of the CA system

Disturbing a typical CA system
Partially, encrypted
Part of the system, SMS system, based on the security considerations of control data transmission, to ensure that authorized users receive, to eliminate unauthorized users to receive illegal purposes, using the so-called "triple key encryption" system, enhances system security.

　1. Scramble)

The CA system is disturbed by pseudo-accompanying

The disturbing sequence generated by the machine sequence is used to sort the "0, 1" series of transparent transmission streams by bit or by bit. Generally, the hash function transformation is used as an algorithm to add a disturbance.

Sending end: the generation of pseudo-random sequences is controlled by the initial word. The initial word is composed of the control word and the initial modifier. The initial modifier can break down the scrambling sequence into shorter information blocks.

Acceptor: combines the received control word and the initial modifier into the initial word. the pseudo-random generator sent to the decoder can obtain the same pseudo-random sequence as the sending end, this allows you to obtain transparent transmission streams.

The control word is usually 69 bytes, and the change frequency is 2 S/time to 10 S/time.

　2. Encryption)

　Service Key (SK)

Business keys are mainly used to encrypt control words. The business key is generated by the user authorization system. The business key encrypts the control word to generate the authorization control information ECM (Entitlement Control Message). Therefore, ECM information includes information about access rules for businesses and related information for disturbing.

The frequency of changing the business key is far less than that of changing the control word. In the CA system, the encryption algorithm based on the symmetric key encryption system is generally used. The symmetric key refers to the same encryption key and decryption key.
The DES algorithm is a common algorithm. It uses a 56-bit key to encrypt 64-bit data into 64-bit
. At present, the development of the thca Algorithm Based on DES and the emergence of idea (International Data Encryption) in recent years
Algorithm (International Data Encryption) algorithm.

　　Personal distribution key (PDK)

In the shared network addressing mode, data packets are transmitted based on the user's address, and each network terminal device has a unique and unique address code, which is used to control the authorization information ECM.
. The address of an end user is generally public and encrypted using the sequence associated with the address code. Because the sequence is equivalent to a personal feature (unique and non-repetitive), it is called a personal key distribution.
(PDK ).

The personal distribution key PDK is generated by the CA system. The prom burned in by the Dedicated CA system device on the terminal device cannot be read again to avoid replication. Based on various services of different levels and types, a CA system usually assigns several pdks to each end user in advance to respond to different business needs.

PDK uses asymmetric key encryption algorithms, that is, different encryption keys and decryption keys. RSA is a common asymmetric key algorithm. The RSA Algorithms have higher encryption strength than DES, but the encryption processing speed is slow, encryption that is not frequently required for EMM changes in the CA system,

　3. User Management System (SMS)

The SMS user management system is a database information processing system that integrates network technology and database management technology to manage the operation level of users' digital TV businesses (or "Products,
That is, the database for user management of the paid digital TV business sends commands to the CAS system through operations on the user account and the CAS (conditional RECEIVING SYSTEM) interface, digital TV industry prebooked by user or user
Service as a product or cancel authorization. The authorization management objects of SMS are users or products.

　4. User Authorization System (SAS)

The SAS user authorization system is an application system used to store Smart Card-related information (such as serial numbers, unique identifiers, and authorizations). The system extracts smart card information to authorize the processed smart card. SAS generates a business key based on the SMS command.

The authorization object of SAS is the unique identifier or serial number of the smart card.

From: http://article.ednchina.com/CE/20080225123921.htm