Recommendation ITU-R BT.1852-1 (10/2016)

Conditional-access systems for digital broadcasting

BT Series
Broadcasting service (television)

Foreword

The role of the Radiocommunication Sector is to ensure the rational, equitable, efficient and economical use of the radio-frequency spectrum by all radiocommunication services, including satellite services, and carry out studies without limit of frequency range on the basis of which Recommendations are adopted.

The regulatory and policy functions of the Radiocommunication Sector are performed by World and Regional Radiocommunication Conferences and Radiocommunication Assemblies supported by Study Groups.

Policy on Intellectual Property Right (IPR)

ITU-R policy on IPR is described in the Common Patent Policy for ITU-T/ITU-R/ISO/IEC referenced in Annex 1 of Resolution ITU-R 1. Forms to be used for the submission of patent statements and licensing declarations by patent holders are available from http://www.itu.int/ITU-R/go/patents/en where the Guidelines for Implementation of the Common Patent Policy for ITU-T/ITU-R/ISO/IEC and the ITU-R patent information database can also be found.

Series of ITU-R Recommendations
(Also available online at http://www.itu.int/publ/R-REC/en)

Series  Title
BO      Satellite delivery
BR      Recording for production, archival and play-out; film for television
BS      Broadcasting service (sound)
BT      Broadcasting service (television)
F       Fixed service
M       Mobile, radiodetermination, amateur and related satellite services
P       Radiowave propagation
RA      Radio astronomy
RS      Remote sensing systems
S       Fixed-satellite service
SA      Space applications and meteorology
SF      Frequency sharing and coordination between fixed-satellite and fixed service systems
SM      Spectrum management
SNG     Satellite news gathering
TF      Time signals and frequency standards emissions
V       Vocabulary and related subjects

Note: This ITU-R Recommendation was approved in English under the procedure detailed in Resolution ITU-R 1.

Electronic Publication
Geneva, 2017

© ITU 2017
All rights reserved. No part of this publication may be reproduced, by any means whatsoever, without written permission of ITU.

RECOMMENDATION ITU-R BT.1852-1

Conditional-access systems for digital broadcasting

(Question ITU-R 49-1/6)

(2009-2016)

Scope

This Recommendation describes principles intended to facilitate the development of effective conditional-access methods for digital broadcasting that uses either MPEG-2 transport streams or MPEG media transport protocol (MMTP). It provides information on reliable protection of broadcasting services from unauthorized access.

Keywords

Conditional access, scramble system, access control, content protection, MPEG-2 TS, MMT

The ITU Radiocommunication Assembly,

considering

a) that there is a growing demand in many countries to protect broadcast programmes against unauthorized reception;
b) that an efficient way of ensuring such protection of MPEG-2 transport stream packets, multiplexed according to Recommendation ITU-T H.222.0, is to implement conditional-access broadcasting systems;
c) that an efficient way of ensuring such protection of MMTP packets formed on the basis of Recommendation ITU-R BT.2074 is to implement conditional-access broadcasting systems;
d) that examples of conditional-access systems have been designed and are operated for digital terrestrial, digital cable, digital satellite and IP (Internet Protocol) television, as well as sound, multimedia and data services;
e) that there are many cases of implementing digital broadcasting systems based on relevant BT and
BO Series Recommendations, such as Recommendation ITU-R BO.1516 for satellite digital broadcasting systems;
f) that it is desirable to limit the number of different conditional-access systems, while taking into account the different requirements of various broadcast services and transmission systems;
g) that putting as many common elements of conditional access as possible into the receivers at the outset would give the greatest potential to the general public to access protected services at a reduced equipment cost;
h) that conditional-access systems provide a protection against and that copyright owners, programme suppliers and service providers desire highly secured broadcast/distribution networks to allow protection of their programmes through access control,

recommends

1 that conditional-access systems for digital broadcasting services protecting either MPEG-2 transport stream packets or MMTP packets should:
- provide the services available to authorized receivers only;
- share the largest number of common elements in the receiver; and
- be designed according to the fundamental principles listed in Annex 1.

NOTE 1 - Examples of implementations of conditional-access systems for digital broadcasting are given in Annex 2.

Annex 1

Fundamental principles for the design of conditional-access systems for digital broadcasting

1 Introduction

The principles described in this Annex should facilitate the development of effective conditional-access systems for digital
broadcasting that are convenient for both subscribers and service providers, assuring reliable protection of information from unauthorized access. The principles apply generally to the delivery of digital television services, sound services as well as multimedia and data broadcasting services. These principles apply to both Recommendation ITU-T H.220.0 transport stream packet and MMTP packet delivery to consumers over different media, such as digital terrestrial, digital cable, digital satellite and IP (Internet Protocol) broadcasting.

2 Normative references

Recommendation ITU-T H.222.0 | ISO/IEC 13818-1 Information technology - Generic coding of moving pictures and associated audio information: Systems
Recommendation ITU-R BT.2074 Service configuration, media transport protocol, and signalling information for MMT-based broadcasting systems

3 Terms, definitions and abbreviations

3.1 Terms and definitions

Scrambling in digital broadcasting
Cipher encoding of broadcast content including vision/sound/data in order to prevent unauthorized reception of the information in non-encrypted format. This cipher encoding is a specified process under the control of the conditional-access system (sending end).

Descrambling in digital broadcasting
Cipher decoding of broadcast content including vision/sound/data in order to allow reception of the information in non-encrypted format. This cipher decoding is a specified process under the control of the conditional-access system (receiving end).

Conditional access
A user accesses a protected service by interacting via conditional-access functionality in the receiver. If, in the session, all the access conditions are met, authorization occurs, the cipher decoding key is released, and the content is recovered. Subscriber authentication, account confirmation, and validation of service availability or other programme control parameters activate the session encryption/decryption key to let the session conclude the authorization process.

Conditional-access control
The function of the conditional-access control at the sending end is to generate the scrambling control information and the encryption "keys" associated with the service. The function of the conditional-access control at the receiving end is to produce the descrambling control information in conjunction with the "keys" associated with the service.

Encryption and decryption
These are terms used for methods which are used to protect (and interpret) some of the information within the "access-related messages" which have to be transmitted from the sending end to the receiving end of the conditional-access control functions.

Point of origination
This is the point in a distribution system where programme or other content first becomes a signal in its final broadcasting/distribution format. It marks the start of end-to-end protection. Entry content may be any form, not necessarily a humanly sensible form. The content input need not itself be intelligible.

NOTE 1 - The copyright owners, service providers, and distributors form a huge hierarchy of many possible points of origination in a flow of information to a consumer and thus in the flow of scrambled content and encrypted keys to a consumer. The point of origination ought to begin with a copyright holder or producer. In practice, most points of origination will be simply the points of entry wherever they may be in the system for business and operational reasons. While there may be many such points of entry, each is a unique and independent point from which the information can be consistently maintained in whatever format it may be input all the way through to a consumer.

Point of presentation
This is the point where programme or other content last occurs as a signal in a distribution system before it exists in a humanly sensible form at the receiver's screen and speakers. It marks the output from protection.

Content
This is any form of digital data that can be acquired and presented by a device.

Service
This is one or more data flows intended to be presented together.

Service protection
This is protection of a service such that only authorized devices are able to receive and
decode it.

3.2 Abbreviations

Ks    Scrambling key
Kw    Work key
Km    Master key
EMM   Entitlement management message
ECM   Entitlement control message
CRC   Cyclic redundancy check
DES   Data encryption standard
AES   Advanced encryption standard
CBC   Cipher block chaining
CTR   Counter
MAC   Message authentication code
MMT   MPEG media transport
MMTP  MPEG media transport protocol
OFB   Output feedback
RMP   Rights management and protection

4 General description of a conditional-access system

There are two fundamental functions that comprise conditional-access systems for digital broadcasting: scrambling and access control. They are distinct, and in many cases independent, components in a conditional-access system, each of which is a distinct information process.

4.1 Reference model

Conditional access requires that the information be scrambled before it is broadcast. This process is obtained
by applying cipher encoding to the broadcast bit-stream. The descrambling process at the receiving end requires the same cipher decoding (in this case the descrambling procedure) to recover the original bit-stream. To provide this sequence and to ensure synchronism between the sending and receiving processes, the cipher decoding conditions are controlled by data transmitted from the cipher encoder to the decoder according to a special protocol. The detailed structure of this process is given in Fig. 1.

FIGURE 1
An example of block diagram of a conditional-access system for digital broadcasting

[Figure BT.1852-01 not reproduced. Labels: sending end, receiving end, scrambler, encrypter (two), descrambler, decrypter (two), access control module, master key, work key, scrambling key, control parameters, control information, viewing judgment, service component, scrambled service component, entitlement control message, entitlement management message. The scrambler is captioned "Scrambling of video, sound and multimedia and data using cipher encoder".]

4.2 Scrambling

This is the process of protecting some or all components of a service to cope with unauthorized accesses by using cipher encoding under the control of the conditional-access system at the sending end.

4.3 Access control

This is a provision of information to enable authorized users to
descramble the protected service. The availability of this information is controlled by the conditional-access system. Between the transmitter and the receiver(s), this information is structured in special messages, which may be multiplexed within the broadcast bit-stream itself, or may be delivered by some other means, such as over a telecommunication line. At the receiving end(s), these messages are interpreted by the access-control system in order to control the descrambling of the authorized parts of the received bit-stream in the authorized receiver(s).

5 User requirements

5.1 Anti-hacking strength of a cipher for scrambler and descrambler

A cipher used in scrambler and descrambler blocks should be well tested for anti-hacking capability. A cipher selected from international standards is recommended.

5.2 Security

The security of a system is the degree of difficulty encountered by an unauthorized user in attempting to gain access to the protected service.
- Descrambling the signal without reference to the access control process. This is a function of the nature of the services and the scrambling method. Television, sound and data broadcasting services are predominantly digital in nature and thus will allow for highly secure scrambling processes.
- Obtaining the access control key in an unauthorized manner. This is a function of the security of the key encryption algorithms.

5.3 Selection of common or private scrambling algorithm

Access is made available, to any authorized user meeting the conditions for access, via a common (universal) or private scrambling algorithm. The use of a common scrambling algorithm implies that descrambling would be common to all receivers, based on a standard scrambling algorithm independent of the delivery media used; this permits lower-cost and flexible equipment and would still allow competition through service-provider-specific implementations. The use of a private scrambling algorithm implies that the descrambling process would be carried out only on receivers that implement the specific algorithm.

5.4 Access modes

A conditional-access system may support a range of access modes, for example:
- period availability (subscription of the service): authorization runs from a starting time to a finishing time;
- programme or service item (purchase of an event): availability is for a specific service item, whether or not it is completely used;
- service charge (token based): the charge or use of credit is proportional to the duration of use and/or the value of the service involved;
- free-to-air: service is protected, but the access is provided free of charge.

The access modes need to be variable with respect to several parameters, for example:
- time;
- various segments of the service;
- groups of intended users.

5.5 Equipment standardization

To provide maximum economy of manufacturing scale for receiving equipment and to simplify management and maintenance:
- common equipment should be standardized so that it can cater for as many service options as possible;

A consumer's receiver architecture is required to support the conditional-access functionality requirements of the selected conditional-access system. Depending on the selected system, the fu
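
The key hierarchy of the reference model in § 4.1 (Fig. 1) and the access control of § 4.3, as an added example that is not part of the Recommendation: the EMM carries Kw under a receiver's Km, the ECM carries Ks under Kw, and the receiver makes a viewing judgment before descrambling. The message layouts, the one-byte tier field and the HMAC-SHA256 keystream standing in for a standard cipher are assumptions of this example.

```python
import hashlib, hmac, os

def _stream(key, nonce, n):
    # HMAC-SHA256 in counter mode: stdlib stand-in for a standard cipher (assumption)
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def seal(key, payload):
    """Encrypt-then-MAC; returns nonce || ciphertext || tag."""
    nonce = os.urandom(12)
    ct = bytes(a ^ b for a, b in zip(payload, _stream(key + b"enc", nonce, len(payload))))
    return nonce + ct + hmac.new(key + b"mac", nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    expect = hmac.new(key + b"mac", nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("MAC check failed")
    return bytes(a ^ b for a, b in zip(ct, _stream(key + b"enc", nonce, len(ct))))

def receive(km, emm, ecm, scrambled):
    """Receiving end: EMM -> Kw, ECM -> Ks, viewing judgment, then descramble."""
    try:
        work = unseal(km, emm)             # Kw || entitled tier (hypothetical layout)
        kw, entitled = work[:32], work[32]
        ctrl = unseal(kw, ecm)             # Ks || required tier (hypothetical layout)
        ks, required = ctrl[:32], ctrl[32]
    except (ValueError, IndexError):
        return None                        # wrong key or modified message
    if entitled < required:
        return None                        # access conditions not met
    return unseal(ks, scrambled)

def demo():
    km_a, km_b = os.urandom(32), os.urandom(32)  # per-receiver master keys (constructed)
    kw, ks = os.urandom(32), os.urandom(32)      # work key, scrambling key
    content = b"constructed service component"
    scrambled = seal(ks, content)                # sending end: scrambler
    ecm = seal(kw, ks + bytes([2]))              # programme requires tier 2
    emm_a = seal(km_a, kw + bytes([2]))          # receiver A entitled to tier 2
    emm_b = seal(km_b, kw + bytes([1]))          # receiver B entitled to tier 1
    return (receive(km_a, emm_a, ecm, scrambled),   # authorized
            receive(km_b, emm_b, ecm, scrambled),   # entitlement too low
            receive(km_b, emm_a, ecm, scrambled))   # A's EMM replayed on B
```

Only receiver A recovers the content: B fails the viewing judgment with its own EMM, and A's EMM is useless to B because it is bound to A's master key.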