ETSI TS 102 825-5 V1.2.1 (2011-02)

Technical Specification

Digital Video Broadcasting (DVB);
Content Protection and Copy Management (DVB-CPCM);
Part 5: CPCM Security Toolbox

Reference: RTS/JTC-DVB-252-5
Keywords: broadcast, DVB

ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE
Tel.: +33 4 92 94 42 00
Fax: +33 4 93 65 47 16
Siret N° 348 623 562 00017 - NAF 742 C
Non-profit association registered at the Sous-Préfecture de Grasse (06) N° 7803/88

Important notice

Individual copies of the present document can be downloaded from: http://www.etsi.org
The present document may be made available in more than one electronic version or in print. In any case of existing or perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF). In case of dispute, the reference shall be the printing on ETSI printers of the PDF version kept on a specific network drive within ETSI Secretariat.

Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at http://portal.etsi.org/tb/status/status.asp

If you find errors in the present document, please send your comment to one of the following services: http://portal.etsi.org/chaircor/ETSI_support.asp

Copyright Notification

No part may be reproduced except as authorized by written permission. The copyright and the foregoing restriction extend to reproduction in all media.

© European Telecommunications Standards Institute 2011.
© European Broadcasting Union 2011.
All rights reserved.

DECT™, PLUGTESTS™, UMTS™, TIPHON™, the TIPHON logo and the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members.
3GPP™ is a Trade Mark of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners.
LTE is a Trade Mark of ETSI currently being registered for the benefit of its Members and of the 3GPP Organizational Partners.
GSM and the GSM logo are Trade Marks registered and owned by the GSM Association.

Contents

Intellectual Property Rights
Foreword
1 Scope
2 References
2.1 Normative references
2.2 Informative references
3 Definitions, abbreviations and notation
3.1 Definitions
3.2 Abbreviations
3.3 Notation
4 Cryptographic Algorithms
4.1 Hash function
4.2 Message Authentication Code
4.3 Symmetric cipher
4.4 Revocation Lists Digital Signature
4.5 Local Scrambler Algorithm (LSA)
4.5.1 Control signals and parameters
4.5.1.1 IV for encryption payload preparation and Short Solitary Block Handling
4.5.2 CBC Chaining Mode
4.5.3 RCBC Chaining Mode
4.5.4 Summary of CBC and RCBC scrambling/descrambling process
4.5.5 LSA - Normative Specification
4.5.6 MPEG-2 Transport Stream adaptation
4.6 Certificate verification
4.7 Certificate keys and digest generation
4.8 Revocation List verification
4.9 Secure time management
5 Cryptographic Protocols
5.1 Authenticated Key Exchange (AKE)
5.2 Trust Management
6 Formats and definitions
6.1 Certificate format
6.2 Revocation List hierarchy
6.3 Cryptography Toolbox parameters
History

Intellectual Property Rights

IPRs essential or potentially essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (http://webapp.etsi.org/IPR/home.asp).

Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document.

Foreword

This Technical Specification (TS) has been produced by Joint Technical Committee (JTC) Broadcast of the European Broadcasting Union (EBU), Comité Européen de Normalisation ELECtrotechnique (CENELEC) and the European Telecommunications Standards Institute (ETSI).
NOTE: The EBU/ETSI JTC Broadcast was established in 1990 to co-ordinate the drafting of standards in the specific field of broadcasting and related fields. Since 1995 the JTC Broadcast became a tripartite body by including in the Memorandum of Understanding also CENELEC, which is responsible for the standardization of radio and television receivers. The EBU is a professional association of broadcasting organizations whose work includes the co-ordination of its members' activities in the technical, legal, programme-making and programme-exchange domains. The EBU has active members in about 60 countries in the European broadcasting area; its headquarters is in Geneva.

European Broadcasting Union
CH-1218 GRAND SACONNEX (Geneva)
Switzerland
Tel: +41 22 717 21 11
Fax: +41 22 717 24 81

The Digital Video Broadcasting Project (DVB) is an industry-led consortium of broadcasters, manufacturers, network operators, software developers, regulatory bodies, content owners and others committed to designing global standards for the delivery of digital television and data services. DVB fosters market driven solutions that meet the needs and economic circumstances of broadcast industry stakeholders and consumers. DVB standards cover all aspects of digital television from transmission through interfacing, conditional access and interactivity for digital video, audio and data. The consortium came together in 1993 to provide global standardisation, interoperability and future proof specifications.
The present document is part 5 of a multi-part deliverable. Full details of the entire series can be found in part 1 [4].

Introduction

CPCM is a system for Content Protection and Copy Management of commercial digital content delivered to consumer products. CPCM manages content usage from acquisition into the CPCM system until final consumption, or export from the CPCM system, in accordance with the particular usage rules of that content. Possible sources for commercial digital content include broadcast (e.g. cable, satellite, and terrestrial), Internet-based services, packaged media, and mobile services, among others. CPCM is intended for use in protecting all types of content - audio, video and associated applications and data. CPCM specifications facilitate interoperability of such content after acquisition into CPCM by networked consumer devices for both home networking and remote access.

This first phase of the specification addresses CPCM for digital Content encoded and transported by linear transport systems in accordance with TS 101 154 [2]. A later second phase will address CPCM for Content encoded and transported by systems that are based upon Internet Protocols in accordance with TS 102 005 [1].

1 Scope

The present document specifies the Security Specification for the Digital Video Broadcasting (DVB) Content Protection and Copy Management (CPCM) system.

2 References

References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the reference document (including any amendments) applies.

Referenced documents which are not found to be publicly available in the expected location might be found at http://docbox.etsi.org/Reference.

NOTE: While any hyperlinks included in this clause were valid at the time of publication ETSI cannot guarantee their long term validity.

2.1 Normative references

The following referenced documents are necessary for the application of the present document.

[1] ETSI TS 102 005: "Digital Video Broadcasting (DVB); Specification for the use of Video and Audio Coding in DVB services delivered directly over IP protocols".
[2] ETSI TS 101 154: "Digital Video Broadcasting (DVB); Specification for the use of Video and Audio Coding in Broadcasting Applications based on the MPEG-2 Transport Stream".
[3] FIPS Publication 180-1: "Secure Hash Standard", National Institute of Standards and Technology, 1994.
    NOTE: Available at http://www.itl.nist.gov/fipspubs/fip180-1.htm.
[4] ETSI TS 102 825-1: "Digital Video Broadcasting (DVB); Content Protection and Copy Management (DVB-CPCM); Part 1: CPCM Abbreviations, Definitions and Terms".
[5] ETSI TS 102 825-4: "Digital Video Broadcasting (DVB); Content Protection and Copy Management (DVB-CPCM); Part 4: CPCM System Specification".
[6] FIPS Publication 198 (2001): "The Keyed-Hash Message Authentication Code (HMAC)", National Institute of Standards and Technology.
    NOTE: Available at http://csrc.nist.gov/publications/fips/fips198/fips-198a.pdf.
[7] FIPS Publication 197: "Advanced Encryption Standard", National Institute of Standards and Technology, 2001.
    NOTE: Available at http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf.
[8] FIPS Special Publication 800-38A (2001): "Recommendation for Block Cipher Modes of Operation".
    NOTE: Available at http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf.
[9] ISO/IEC 13818-1: "Information technology - Generic coding of moving pictures and associated audio information: Systems".
[10] PKCS #1 (v2.1) (2002): "RSA Cryptography Standard", RSA Laboratories.
    NOTE: Available at ftp:/

2.2 Informative references

The following referenced documents are not necessary for the application of the present document but they assist the user with regard to a particular subject area.

Not applicable.

3 Definitions, abbreviations and notation

3.1 Definitions

For the purposes of the present document, the terms and definitions given in TS 102 825-1 [4] apply.

3.2 Abbreviations

For the purposes of the present document, the abbreviations given in TS 102 825-1 [4] apply.

3.3 Notation

The present document uses the following notation throughout:

Table 1: Notation

Scope        Notation    Meaning
Hashes       H(M)        The Hash of message M.
             H(X,Y)      The Hash of the concatenation of messages X and Y, X being first.
MAC          MAC_K(M)    The MAC of message M using key K.
Encryption   E_K(M)      Encryption of message M using key K.
Decryption   D_K(C)      Decryption of cipher text C using key K.
LSA          XOR         Bitwise XOR operation on two blocks of 16 bytes.
             AND         Bitwise AND.
             Padding     The LSA works on blocks of 16 bytes. If an input block contains less than 16 bytes it is padded with zeroes at the high end, i.e. the highest byte(s) of the resulting basic block will be zero, before further usage. A box containing two zeroes on the right side of a partial block indicates this.
             |           Concatenation of two partial blocks to form a full block of 16 bytes, e.g. Cn|00.
             MSC_x       The x-th MSC data block of 16 bytes, or possibly less for the last block.
             P_x         The x-th plaintext block of 16 bytes, or possibly less for the last block.
             C_x         The x-th ciphertext block of 16 bytes, or possibly less for the last block.
             00^a        A string of a bytes with value 0.
General      Abs(x)      Absolute value of x.
Values       Array       All Array indices start at 0.
             Array[a]    Indexing: the (a + 1)-th element in an array.
             i = a..b    This represents a range of numbers from i = a to i = b inclusive, a,b ∈ Z.

4 Cryptographic Algorithms

4.1 Hash function

CPCM compliant implementations shall use the SHA-1 hash algorithm described in [3].

4.2 Message Authentication Code

CPCM compliant implementations shall use the HMAC Message Authentication Code generation and verification algorithm described in [6].

NOTE: Message Authentication Codes are sometimes also called signatures when the key is the AD Secret or the SAC Session Key.

4.3 Symmetric cipher

CPCM compliant implementations shall use the symmetric cipher algorithm Advanced Encryption Standard (AES) with 128-bit key length as described in [7]. For SAC protection, the cipher is used in Cipher Block Chaining (CBC) mode as described in [8] with a fixed Initialization Vector (IV) value, both for Licence Protection and as the Secure Authenticated Channel (SAC) cipher. If the message length is not divisible by 16, the last message block shall be padded with sufficient bytes of value 0x00 to make a full block. Upon decryption, the padding shall be removed using the message length. For protection of the Content Licence with the AD Secret, the cipher is used in Electronic Code Book (ECB) mode.

4.4 Revocation Lists Digital Signature

Revocation Lists are signed using RSASSA-PKCS1-V1_5-SIGN described in PKCS #1 v2.1 [10]. CPCM compliant implementations do not need to implement RSASSA-PKCS1-V1_5-SIGN. Revocation List signatures are verified using RSASSA-PKCS1-V1_5-VERIFY described in PKCS #1 v2.1 [10]. The public exponent used in the signature process is constant (see clause 6.3).

4.5 Local Scrambler Algorithm (LSA)

The LSA described in this clause shall be used to protect Content within compliant CPCM systems. The LSA uses the AES cipher described in [7] as its basic building block, with 128-bit keys, called Control Words (CWs).

The basic unit of scrambling (or descrambling) is called a packet. Each packet is scrambled independently from all others, allowing random access. A packet consists of a part that must not be scrambled, called the Must Stay Clear (MSC) data (aka MSC Data or MSC Part), and a part that must be scrambled, called the payload. The MSC Part consists of 0 or more bytes.

The LSA has two so-called MSC modes for handling the MSC data:

- "MSC Data Dependent" (MDD): MSC Data contributes to the scrambling of the rest of the packet. A change of the data in the MSC Part (PID, PCR, etc. contained in the header or Adaptation Field) of the scrambled packet will adversely impact de-scrambling. The MSC Part may contain bits that must be masked, i.e. set to 0, prior to processing of the MSC Part in this mode, for instance an error bit which may be set in transit from a scrambling source to a descrambling sink. Processing of the MSC part in this mode is explained later in this clause.
- "MSC Data Independent" (MDI): the MSC Data does not contribute to the scrambling of the rest of the packet. A change of the data in the MSC part (e.g. for re-multiplexing) may be done without descrambling and re-scrambling.

A third possibility is to encrypt/decrypt the complete packet, i.e. including the MSC data. This is controlled by the MSC Over
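Worked example for clauses 4.1 to 4.3, added here and not taken from the specification or from any DVB reference code: Go code (standard library only) that applies AES-128-CBC under a fixed IV with 0x00 padding of the last block, strips that padding by message length on decryption, and computes and checks the HMAC of clause 4.2 instantiated with the SHA-1 of clause 4.1. The key, the IV value and the message are constructed placeholders; the normative fixed IV is a clause 6.3 parameter and the real keys (SAC Session Key, AD Secret) are provisioned secrets, none of which appear on this page. The example goes one step beyond the clause text by rejecting a message length that cannot match the ciphertext, the consistency check a receiver needs because 0x00 padding is not self-delimiting.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/sha1"
	"errors"
	"fmt"
)

// Constructed placeholder values. The normative fixed IV and the real keys
// (SAC Session Key, AD Secret) are clause 6.3 parameters and provisioned
// secrets; neither is reproduced here.
var (
	demoKey = []byte("0123456789abcdef")               // 16 bytes: AES-128 key (constructed)
	demoIV  = bytes.Repeat([]byte{0x00}, aes.BlockSize) // stands in for the fixed IV (constructed)
)

// zeroPad appends 0x00 bytes until the length is a multiple of 16 (clause 4.3).
func zeroPad(msg []byte) []byte {
	rem := len(msg) % aes.BlockSize
	out := append([]byte{}, msg...)
	if rem != 0 {
		out = append(out, bytes.Repeat([]byte{0x00}, aes.BlockSize-rem)...)
	}
	return out
}

// EncryptCBC: AES-128-CBC under a fixed IV with 0x00 padding of the last block.
func EncryptCBC(key, iv, msg []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	padded := zeroPad(msg)
	out := make([]byte, len(padded))
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(out, padded)
	return out, nil
}

// DecryptCBC removes the padding by the caller-supplied message length, as
// clause 4.3 requires: 0x00 padding is not self-describing, so the length has
// to come from the message framing. The consistency check is an addition of
// this example: a length that leaves a whole block or more of "padding", or
// exceeds the ciphertext, cannot be right.
func DecryptCBC(key, iv, ct []byte, msgLen int) ([]byte, error) {
	if len(ct)%aes.BlockSize != 0 {
		return nil, errors.New("ciphertext length is not a multiple of the block size")
	}
	if msgLen < 0 || msgLen > len(ct) || len(ct)-msgLen >= aes.BlockSize {
		return nil, errors.New("message length inconsistent with ciphertext length")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	pt := make([]byte, len(ct))
	cipher.NewCBCDecrypter(block, iv).CryptBlocks(pt, ct)
	return pt[:msgLen], nil
}

// MAC is the clause 4.2 HMAC, instantiated with the clause 4.1 SHA-1.
func MAC(key, msg []byte) []byte {
	m := hmac.New(sha1.New, key)
	m.Write(msg)
	return m.Sum(nil)
}

// VerifyMAC compares in constant time (hmac.Equal) so that a wrong tag does
// not reveal, through timing, how many leading bytes matched.
func VerifyMAC(key, msg, tag []byte) bool {
	return hmac.Equal(MAC(key, msg), tag)
}

func main() {
	// Constructed message whose plaintext already ends in 0x00 bytes: exactly
	// the case where padding could not be stripped without the length.
	msg := []byte("content licence body\x00\x00")
	ct, _ := EncryptCBC(demoKey, demoIV, msg)
	pt, _ := DecryptCBC(demoKey, demoIV, ct, len(msg))
	tag := MAC(demoKey, ct)
	fmt.Printf("padded blocks: %d, round trip ok: %v, MAC ok: %v\n",
		len(ct)/aes.BlockSize, bytes.Equal(msg, pt), VerifyMAC(demoKey, ct, tag))
}
```

Two properties of this construction are worth keeping in mind when reviewing an implementation. With a fixed IV, CBC is deterministic: two messages with the same leading blocks produce the same leading ciphertext blocks, so equality of protected messages is observable. And because the padding is removed by length rather than by a self-describing scheme, the receiver must obtain that length from framing it trusts (for instance fields covered by the MAC), otherwise it cannot tell trailing plaintext zeros from padding.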
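Worked example for clause 4.4, added here and not part of the specification: the verifier side of a Revocation List signature in Go, using RSASSA-PKCS1-v1_5 verification from the standard library. Everything beyond the clause text is an assumption of this example and labelled as such in the code: the RevocationList struct stands in for the clause 6.2 structure, whose encoding is not on this page; SHA-1 (the clause 4.1 hash) is assumed to be the digest the signature covers; the key is generated locally with Go's fixed exponent 65537, whereas the constant exponent CPCM mandates is a clause 6.3 parameter not reproduced here; and a signing routine is included only to produce input, since clause 4.4 says devices need not implement RSASSA-PKCS1-V1_5-SIGN.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha1"
	"errors"
	"fmt"
)

// RevocationList is a stand-in for the clause 6.2 structure; the real
// encoding is not reproduced on this page, so Body is just the signed bytes.
type RevocationList struct {
	Body      []byte
	Signature []byte // RSASSA-PKCS1-v1_5 signature over Body
}

// VerifyRevocationList is the device side of clause 4.4:
// RSASSA-PKCS1-V1_5-VERIFY over a SHA-1 digest of the body. SHA-1 is the
// clause 4.1 hash; that it is the digest used for Revocation Lists is an
// assumption of this example.
func VerifyRevocationList(pub *rsa.PublicKey, rl RevocationList) error {
	if pub == nil {
		return errors.New("no verification key")
	}
	// A signature that is not exactly one modulus long cannot be valid; reject
	// it up front rather than relying on the library to notice.
	if len(rl.Signature) != pub.Size() {
		return errors.New("signature length does not match modulus size")
	}
	digest := sha1.Sum(rl.Body)
	return rsa.VerifyPKCS1v15(pub, crypto.SHA1, digest[:], rl.Signature)
}

// NewDemoKey generates a key only so the example can run offline. Go fixes
// the public exponent at 65537; the constant exponent CPCM actually mandates
// is a clause 6.3 parameter not shown on this page.
func NewDemoKey() (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, 2048)
}

// signForDemo plays the role of the list issuer. Clause 4.4 says compliant
// devices need not implement RSASSA-PKCS1-V1_5-SIGN; it is here purely to
// produce input for the verifier.
func signForDemo(priv *rsa.PrivateKey, body []byte) (RevocationList, error) {
	digest := sha1.Sum(body)
	sig, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA1, digest[:])
	return RevocationList{Body: body, Signature: sig}, err
}

func main() {
	priv, err := NewDemoKey()
	if err != nil {
		panic(err)
	}
	// Constructed list body; a real list would carry the clause 6.2 fields.
	rl, _ := signForDemo(priv, []byte("constructed revocation list body"))
	fmt.Println("genuine list:", VerifyRevocationList(&priv.PublicKey, rl))
	rl.Body = append(rl.Body, '!')
	fmt.Println("modified list:", VerifyRevocationList(&priv.PublicKey, rl))
}
```

The point a reviewer should check in a real device is that the verification key is the one the trust hierarchy of clause 6.2 designates for Revocation Lists, and that a list whose signature fails is discarded rather than partially applied; the verifier above returns an error for any modification of the body or the signature, so the caller can treat a non-nil result as "ignore this list".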