Card sharing

Card sharing, also known as control word sharing, is a method of allowing multiple clients or digital television receivers to access a subscription television network with only one valid subscription card. This is achieved by electronically sharing a part of the legitimate conditional access smart card's output data, enabling all recipients to gain simultaneous access to scrambled DVB streams, held on the encrypted television network.

Typically, a legitimate smart card is attached to a host digital television receiver, which is equipped with software to share the decrypted 64-bit "control word" key over a computer network, such as the Internet. Once a client receives this key, they can decrypt the encrypted content as though they were using their own subscription card.

The theory of card sharing as a potential attack vector on pay TV encryption was set out in the book European Scrambling Systems by John McCormac in 1996, which led to the term "McCormac Hack" being used to describe early card-sharing systems. [1] [2]

Basic operation

The security of conditional access smart card technology is limited by the security of the DVB standard in which it operates. The standard practice of a legitimate smart card is to decrypt an ECM (Entitlement Control Message), which then provides the control word, which allows the viewing of scrambled material. [3] With card sharing, however, the smart card and its security features are bypassed; software intercepts the decrypted control word and allows the user to share it across a computer network.

Pirate decryption

Card sharing has established itself as a popular method of pirate decryption. Much of the development of card sharing hardware and software has taken place in Europe, where national boundaries mean that home users are able to receive satellite television signals from many countries but are unable to legally subscribe to them due to licensing restrictions on broadcasters.

Because the complete control word is so short (64 bits), delivering control words to many different clients is easily possible on a home internet connection. This has sparked the creation of sharing network groups, in which users gain access by sharing their subscription cards with the group and, in turn, can receive the channels that all users' cards can decrypt, as though each user owned every subscription card connected to the network. Other networks have also been created in which one server has multiple legitimate subscription cards connected to it. Access to this server is then restricted to those who pay the server's owner their own subscription fee.

Multiple receiver use

An arguably legitimate use for card sharing is the sharing of the control word within a home network, where the subscriber is authorised by the subscription television network to decrypt their signal, using one smart card. Content providers usually provide means for viewing channels on a second smart card, provided at extra cost. An example of this is Sky Multiroom, used in the United Kingdom. However, in some cases the contract between the subscriber and the content provider implicitly or explicitly prohibits this kind of card sharing.

Countermeasures

Card sharing is a particular concern to conditional access providers and their respective pay-TV companies, as well as the DVB consortium. Card sharing utilises the integral scrambling system of the DVB standard, DVB-CSA, meaning that every provider of scrambled DVB content has the potential to be affected by it. In response, several countermeasures have been implemented by various parties, with the aim of permanently preventing it.

Technical

One technical method, implemented by providers such as Irdeto and NDS, is to update the software of digital receivers provided by the subscription television service. This software implements a further decryption layer, held within the receiver. Rather than sending a plain text control word from the smart card to the receiver's microprocessor, where it can be intercepted, the card returns the decrypted ECM as an encrypted control word, which can only be decrypted by a legitimate receiver that is not capable of card sharing. [4] A simpler method, used by several providers, is to increase the frequency of control word changes. With changes occurring as frequently as once every few seconds, extra stress is put onto the smart card sharing system, meaning that clients may be frustrated by short, frequent, missed viewing periods. Another method gaining traction is "card pairing", which effectively links the card with the connected device (e.g. the set-top box, CAM module or TV's decoding chipset) and locks the card so that it can be used only on that device.
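The encrypted control word and card pairing countermeasures described above, as an added example that is not from the original article or from any provider's system: the card returns the control word wrapped under a key shared only with its paired receiver and bound to a nonce chosen by that receiver. The HMAC-SHA256 construction, the function names and the sample values are assumptions chosen so that it runs with the Python standard library; real schemes are proprietary.

```python
import hashlib
import hmac
import os

CW_LEN = 8  # the 64-bit control word described on this page


def _subkey(pairing_key: bytes, label: bytes) -> bytes:
    # Derive separate encryption and authentication keys from the pairing key.
    return hmac.new(pairing_key, label, hashlib.sha256).digest()


def card_wrap_cw(pairing_key: bytes, nonce: bytes, control_word: bytes) -> bytes:
    """Card side: return ciphertext || tag instead of the plain control word."""
    if len(control_word) != CW_LEN:
        raise ValueError("control word must be 64 bits")
    stream = hmac.new(_subkey(pairing_key, b"enc"), nonce, hashlib.sha256).digest()
    ct = bytes(a ^ b for a, b in zip(control_word, stream))
    tag = hmac.new(_subkey(pairing_key, b"mac"), nonce + ct, hashlib.sha256).digest()[:16]
    return ct + tag


def receiver_unwrap_cw(pairing_key: bytes, nonce: bytes, blob: bytes):
    """Receiver side: the control word, or None if the blob does not match this key and nonce."""
    ct, tag = blob[:CW_LEN], blob[CW_LEN:]
    expect = hmac.new(_subkey(pairing_key, b"mac"), nonce + ct, hashlib.sha256).digest()[:16]
    if not hmac.compare_digest(tag, expect):
        return None
    stream = hmac.new(_subkey(pairing_key, b"enc"), nonce, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(ct, stream))


def demo() -> dict:
    # Constructed sample values, not real keys or control words.
    paired_key = hashlib.sha256(b"constructed pairing key: receiver A").digest()
    other_key = hashlib.sha256(b"constructed pairing key: receiver B").digest()
    cw = bytes.fromhex("0011223344556677")
    nonce = os.urandom(16)  # fresh per request, chosen by the paired receiver
    blob = card_wrap_cw(paired_key, nonce, cw)
    return {
        "paired": receiver_unwrap_cw(paired_key, nonce, blob),
        "other_receiver": receiver_unwrap_cw(other_key, nonce, blob),
        "replayed": receiver_unwrap_cw(paired_key, os.urandom(16), blob),
        "cleartext_on_interface": cw in blob,
    }


if __name__ == "__main__":
    print(demo())
```

Only the paired receiver recovers the control word; a receiver holding a different pairing key, or a later request with a new nonce, rejects the same bytes.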

One significant problem for internet card sharing is that the activity can be traced through the originating IP address. Though this does not identify an individual, it can lead to a specific ISP and/or TV service subscription. Criminal charges have been brought against card sharing hosts. [5] [6] In August 2009, a Liverpool man was prosecuted for re-selling the services of a card sharing network to paying customers. It was the first case of its type in the UK. [7] Two further raids occurred in the UK during early 2011, instigated by UK cable operator Virgin Media. [8]

DVB-CSA3

In 2007, the DVB Project approved and began licensing a new scrambling system, CSA3, for protecting DVB content. [9] This new system, upon implementation, will attempt to eradicate many of the flaws of the original DVB-CSA system, including by introducing an AES-based 128-bit key system. The system will reportedly be "hardware friendly and software unfriendly", indicating that reverse engineering of the system, required for the creation of card sharing applications, will be very difficult. [10] [11]

References

  1. Lee, Ji-Seon; Rhee, Hyun Sook; Lee, Dong Hoon (2008). "Efficient and Secure Communication between Set-Top Box and Smart Card in IPTV Broadcasting". 2008 International Conference on Convergence and Hybrid Information Technology. pp. 307–310. doi:10.1109/ICHIT.2008.273. ISBN 978-0-7695-3328-5. S2CID 11528132.
  2. Goldbach, Bernie. "Sky fears McCormack Hack". Inside View.
  3. Proceedings. European Association for Signal Processing.
  4. "VideoGuard Express by NDS". Archived from the original on 2010-01-03. Retrieved 2010-02-26.
  5. "French police question card-sharing ring". 24 October 2008.
  6. "Satleo.gr - Και σύλληψη παπά... πειρατή!!!". Archived from the original on 2010-02-09. Retrieved 2010-02-26.
  7. "Liverpool Sky TV Box cheat is jailed in UK first". 29 August 2009.
  8. "Derby three on Virgin fraud charge". 8 February 2011.
  9. "DVB CSA3 Algorithm". Archived from the original on 2009-03-06. Retrieved 2010-02-26.
  10. "Archived copy" (PDF). Archived from the original (PDF) on 2010-07-05. Retrieved 2010-02-26.
  11. "Archived copy" (PDF). Archived from the original (PDF) on 2011-07-18. Retrieved 2010-02-26.