ITU-T J 91-1994 Technical Methods for Ensuring Privacy in Long-Distance International Television Transmission - Television and Sound Transmission (Study Group 9) 21 pp《长距离国际电视传输的保密.pdf

1、 ITU-T RECMN*J.L 94 m 48b2591 0596056 O89 m INTERNATIONAL TELECOMMUNICATION UNION ITU-T TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU TELEVISION AND SOUND TRANSMISSION J.91 (08/94) TECHNICAL METHODS FOR ENSURING INTERNATIONAL TELEVISION TRANSMISSION PRIVACY IN LONG-DISTANCE ITU-T Recommendation J.

2、91 (Previously “CCITT Recommendation”) ITU-T REC”*J*SL 94 4862591 0596057 TL5 = FOREWORD The IT-T (Telecommunication Standardization Sector) is a permanent organ of the International Telecommunication Union (IhJ). The IT-T is responsible for studying technical, operating and tariff questions and iss

3、uing Recommen- dations on them with a view to standardizing telecommunications on a worldwide basis. The World Telecommunication Standardization Conference (WTSC), which meets every four years, establishes the topics for study by the IT-T Study Groups which, in their turn, produce Recommendations on

4、 these topics. The approval of Recommendations by the Members of the ITU-T is covered by the procedure laid down in WTSC Resolution No. 1 (Helsinki, March 1-12, 1993). ITU-T Recommendation J.91 was prepared by -T Study Group 9 (1993-1996) and was approved under the WTSC Resolution No. 1 procedure on

5、 the 22nd of August 1994. NOTE In this Recommendation, the expression “Administration” is used for conciseness to indicate both a telecommunication administration and a recognized operating agency. o ITU 1995 All rights reserved. No part of this publication may be reproduced or utilized in any form

6、or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from the ITU. CONTENTS Scope References Terms and definitions . Abbreviations . System overview 5.1 General description of the scrambling/descrambling processes . 5.2 General description of

7、 the conditional access system . Modelling interfaces and equipment 6.1 List of interfaces . 6.2 List of equipment Transport protocol of conditional access messages in channel CA1 . : . 7.1 Transmission frame 7.2 Conditional access message content . Practical implementations Annex A . Operation with

8、 local control word Practical implementation with a local control word . Annex B . Operation with EUROCRYPT B.l Introduction B.2 Functionalities of the Network Management Centre (NMC) . B.3 Implementation of the CADS B.4 Implementation of the interface 2 . B.5 Implementation of the interface 5 . B.6

9、 Illustration of the system using EUROCRYPT features . Annex C - Operation with other systems A . 1 . Recommendation J.91 (08/94) Page 1 1 2 2 3 3 3 5 5 6 7 7 9 10 10 10 10 10 12 14 15 16 16 17 1 SUMMARY This Recommendation constitutes a common standard for a conditional access system for long-dista

10、nce international transmission of digital television according to Recommendation J.8 1). It first gives an overview of any conditional access system, describing the categories of conditional access messages which need to be transmitted. It specifies a transport protocol based on HDLC frames for the

11、conditional access messages sent in channel CA1 of Recommendation 5.81. Furthermore, an architecture of the whole transmission system, including the conditional access features, is described. This architecture differs from the traditional Pay-TV systems architecture in the way that it stresses the n

12、eed for an access control authority which is not co-sited with the transmitters. The main conditional access equipments and interfaces needed to ogerate the conditional access system are also modelled. Their functionalities are described and some implementations are proposed, depending on the applic

13、ation. Lastly, practical implementations are also provided depending on the level of security and functionality required by the application. 1 Recommendation J.8 1 was formerly ITU-R Recommendation CMIT.723. II Recommendation J.91 (08194). Recommendation J.91 TECHNICAL METHODS FOR ENSURING PRIVACY T

14、ELEVISION TRANSMISSION IN LONG-DISTANCE INTERNATIONAL (Geneva, 1994) The IT-T, considering (a) that radio signals are by their very nature likely to be received by a large number of unidentified receivers and that in the case of international television transmission using telecarnunication satellite

15、s, stations to which the information is not addressed may receive and interpret the signals; . (b) that the number of stations capable of receiving such signals is steadily increasing; (cl broadcasting as those used in transmission; that undesired access to the transmitted signal is facilitated when

16、 similar technical characteristics are used for (d) that Recommendation J.81 which defines the bit-rate reduction codec to be used for contnbution-quality applications to the third hierarchical level of Recommendation G.702 takes into account the need for a conditional access system, recommends that

17、 technical methods that should be used for ensuring privacy in long-distance international television digital transmission according to Recommendation J.8 1 using Radiocommunication techniques should be characterized as follows. 1 Scope This IT-T Recommendation constitutes a common standard for a co

18、nditional access system for long distance international transmission of digital television according to Recommendation 5.8 1. It defines the interfaces and equipment needed to operate the conditional access system and specifies a transport protocol of conditional access messages in channel CA1 of Re

19、commendation J.81. Practical implementations are also provided in annexes. 2 References - Recommendation J.8 1, Transmission of component-coded digital 7V signals for contribution-quality applications at the third hierarchical level of Recommendation G. 702. EN 50094: 1992, Access control system for

20、 the MAC/Packet family: EUROCRYPT. IS0 7816-1:1987, Identijkation cards - Integrated circuit(s) cards with contacts - Part I: Physical characteristics. - - - IS0 7816-2:1988, Identification cards - Integrated circuit(s) cards with contacts - Part 2: Dimensions and location of the contacts. ISOAEC 78

21、16-3:1989, Identification cards - Integrated circuit(s) cards with contacts - Part 3: Electronic signals and transmission protocols. - Recommendation J.91 (08/94) 1 ITU-T RECMN*J.SL 94 486259L 059bObL YYb 3 Terms and definitions For the purpose of this Recommendation, the following definitions apply

22、 scrambling is defined as the alteration of the characteristics of a visionhounddata signal in order to prevent unauthorized reception in a clear form. This alteration is a specified process under the control of the conditional access system (sending end). descrambling is defined as the restoration

23、 of the characteristics of a visiodsounddata signal in order to allow reception in a clear form. This restoration is a specified process under the control of the conditional access system (receiving end). 4 Abbreviations For the purpose of this Recommendation, the following abbreviations are used: A

24、CS . Bit CA CA 1 CA2 CAD CD CI CIW CMSM cw ECM ECW EEPROM EMh4 HDLC Iw LI MD MH MMSM NMC Octet ocw PCMCIA Access Control System A contraction of the words “binary digit” Customer Address Conditional Access channel 1 (part of the service multiplex of the codec) Conditional Access channel 2 (part of t

25、he service multiplex of the codec) Conditional Access Device Controller Device Command Identifier Container Identification Word Control Major Security module Control Word Entitlement Control Message Even Control Word Electrically Erasable Programmable Read Only Memory (integrated circuit) Entitlemen

26、t Management Message High level Data Link Control Initialization Word loaded into pseudo-random sequence generators for descrambling Length Indicator Manager Device Message Header Management Major Security Module Network Management Centre A sequence of 8 bits operated on as a data group or word Odd

27、Control Word Personal Computer Memory Card International Association - , 2 Recommendation J.91 (08194) ITU-T RECMN*J*73 94 = 4862573 0576062 382 PPI PRG Pseudo-Random (sequence) Generator PSPN Public Switched Packet Network PSTN Public Switched Telephone Network UA Unique Address USM User Security M

28、odule Phase Parity Identifier indicating which CW must be used for descrambling SA Shared Address Word A group or sequence of bits treated together 5 System overview A conditional access system is used to enable authorized users to descramble the components of a service. The scrambling and descrambl

29、ing processes are specified in Recommendtion J.81 and Summarized in 5.1. These processes are performed respectively by the encoders and the decoders. The information required for descrambling may be either manually introduced in the decoder (Le. local control word) or provided by the conditional acc

30、ess system summarized in 5.2. From the transmitter to the receiver(s), this information is structured in secure messages multiplexed with the signal itself in channels CAI and CA2 (see clause 12/5.81). These messages are extracted from the signal by the decoders and interpreted by the conditional ac

31、cess system in the authorized receiver(s) in order to control the descrambling of the service components. - 5.1 Figure 1 illustrates the scrambling/descrambling processes. Conditional access requires that the television signals are scrambled by the encoder before it is transmitted. This process is u

32、nder the control of a scrambling sequence obtained from a pseudo-random generator. The descrambling process in the decoders requires the corresponding sequence (in this case the descrambling sequence) to recover the original signal. To provide this sequence and to ensure synchronism between the tran

33、smitter and the receiver(s), the starting condition of the pseudo-random generator is controlled by an initialization word. Conditional access to a service is in fact equivalent to conditional access to the initialization word, which results from a combination of the initialization modifier and the

34、control word. The initialization modifier is used in order to produce a new initialization word for each TV container, as defined in Recommendation 5.81. The initialization modifier, called CIW in Recommendation J.81, is transmitted in clear in channel CA2. General description of the scrambiingldesc

35、rambling processes Independently of the scrambling/descrambling processes, the conditional access system creates pairs of active control words. Each pair consists of an Even Control Word (ECW) valid for even blocks and an Odd Control Word (OCW) valid for odd blocks. The parity of the transmitted blo

36、ck is given by the indicator PPI in channel CA2 (see clause 12/J.81). The control word is the basic element of security. Its arbitrary value remains constant during any block of TV containers (65 534 TV containers, which corresponds to 8.2 seconds). The encoder receives cryptograms of control words

37、and transmits them to the decoder(s) through channel CA1. 5.2 The role of the conditional access system is to create for each new transmission a new sequence of control words and to exclusively distribute each sequence to the relevant users (one transmitter and one or more receivers, according to th

38、e configuration of the transmission). To do this, the conditional access system creates, transmits and uses conditional access messages. General description of the conditional access system Recommendation J.91 (08/94) 3 ITU-T RECMN*J-SL 94 H 48h2.591 0596063 219 Sound Data Data 4 I Pseudcbrardom i g

39、enerator Clock Initialization wordf Initialization I mechanism Initialization Control modifier Two. - Conditional access interface 2 Control words t Pseudwandom generator I :lock Initialization md Initialization mechanism Initialization Contrd Conditional access interface :A2 Control words CA1 (ECMs

40、 and EMMs) CA1 (ECMs and EMMs) TO902360-94/dOl FIGURE VJ.91 Scrambling/descrambling processes To achieve security of the conditional access messages, two sets of cryptographic mechanisms are used: - Block encipherment and decipherment are used for ensuring privacy (e.g. for conveying control words a

41、nd keys in cryptograms). - Cryptographic checksum computation and Verification are used for ensuring integrity (e.g. for authenticating messages). Block encipherment and cryptographic checksum computation are achieved by Major Security Modules. Block decipherment and cryptographic checksum verificat

42、ion are achieved by User Security Modules. A cryptographic checksum must protect each conditional access message where one or more cryptograms are present. Upon reception of such a message, any Security Module has to find valid the cryptographic checksum before continuing the process. Consequently,

43、the decipherment of any cryptogram is conditioned by a successful verification of the integrity of the whole conditional access message. In any conditional access system, an authority is needed to generate the control words and to compute and transmit their cryptograms. The authority exclusively pos

44、sesses and uses the Major Security Modules. 4 Recommendation J.91 (08/94). ITU-T RECMN*J-91 94 D 4862571 059bOb4 L55 In many traditional Pay-TV systems, the same actor plays at the same time the role of the authority and the role of the transmitter. In this Recommendation, the role of the authority

45、is deliberately separated from the role of the transmitter for the following two reasons: - - The dissemination of Major Security Modules is highly undesirable. The management of international television exchanges may be centralized (e.g. EBU). Consequently, the transmitter and the receiver(s) only

46、hold and use User Security Modules. Two categories of conditional access messages are used by the conditional access system: the Entitlement Checking Messages (ECM) and the Entitlement Minagement Messages (EMM). Channel CA1 is dedicated to the transmission of messages from the transmitter to the rec

47、eiver(s). The average length of the conditional access messages is about 300 bits. An error protection (e.g. by a Golay code) may double this length. One new ECM is sent at least every 8.2 seconds. If the ECM is repeated every second, about 7 kbit/s are available to send 10 EMMs per second. Each con

48、ditional access message is a string of optional parameters. One parameter is intended for conveying one or more cryptograms. Another parameter is intended for conveying one cryptographic checksum. 5.2.1 Entitlement Checking Messages (ECMs) The ECMs are intended for providing with control words all t

49、he authorized users and only the authorized users. Consequently, the essential parameter of each ECM is one or more cryptograms of control word. The ECMs may begin with one or more access criteria. If so, at least one access criterion has to be found valid by the User Security Module before continuing the process of the message. The last parameter of each ECM must be a cryptographic checksum protecting the whole message. 5.2.2 Entitlement Management Messages (EMMs) The EMMs are intended for providing the relevant User Security Modules with appropriate e