1、STD-ITU-T RECMN J.93-ENGL 1998 m 4862571 Ob49583 741 m INTERNATIONAL TELECOMMUNICATION UNION ITU-T TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU J.93 (03198) SERIES J: TRANSMISSION OF TELEVISION, SOUND PROGRAMME AND OTHER MULTIMEDIA SIGNALS Ancillary digital services for television transmission Re
2、quirements for conditional access in the secondary distribution of digital television on cable television systems ITU-T Recommendation J.93 (Previously CCITT Recommendation) STDmITU-T RECMN J.73-ENGL 1998 D 4862.571 0647.584 688 D ITU-T 1-SERIES RECOMMENDATIONS TRANSMISSION OF TELEVISION, SOUND PROG
3、RAMME AND OTHER MULTIMEDIA SIGNALS General Recommendations J.1-J.9 General specifications for analogue sound-programme transmission J.10-J. 19 Performance characteristics of analogue sound-programme circuits Equipment and lines used for analogue sound-programme circuits Digital encoders for analogue
4、 sound-programme signals J.20-J.29 J.30-J.39 J.40-J.49 Digital transmission of sound-programme signals Circuits for analogue television transmission Analogue television transmission over metallic lines and interconnection with radio-relay links Digital transmission of television signals J.50-J.59 J.
5、60-J.69 5.70-3.79 J. 80-J. 89 - - Ancillary digital services for television transmission J.90-J.99 Operational requirements and methods for television transmission Interactive systems for digital television distribution Transport of MPEG-2 signals on packetised networks Measurement of the quality of
6、 service Digital television distribution through local subscriber networks J. 100-J. 109 J.110-J.129 J.130-J.139 J. 140-5.149 J. 150-J. 159 Forfirther details, please refer to ITU-T List of Recommendations. - STD-ITU-T RECMN J.73-ENGL 1978 48b2591 Ob47585 514 = ITU-T RECOMMENDATION 5-93 REQUIREMENTS
7、 FOR CONDITIONAL ACCESS IN THE SECONDARY DISTRIBUTION OF DIGITAL TELEVISION ON CABLE TELEVISION SYSTEMS Summary This Recommendation considers the requirements, hardware and command interfaces, policies, and procedures appertaining to conditional access for the secondary delivery of digital televisio
8、n and data on cable systems. Source ITU-T Recommendation 5.93 was prepared by 1T-T Study Group 9 (1997-2000) and was approved under the WTSC Resolution No. 1 procedure on the 18th of March 1998. Recommendation 5.93 (03/98) 1 - STDmITU-T RECMN J-93-ENGL 3998 4862593 0649586 450 FOREWORD IT (Internati
9、onal Telecommunication Union) is the United Nations Specialized Agency in the field of telecotnmuni- cations. The ITU Telecommunication Standardization Sector (ITU-T) is a permanent organ of the ITU. The ITU-T is responsible for studying technical, operating and tariff questions and issuing Recommen
10、dations on them with a view to standardizing telecommunications on a worldwide basis. The World Telecommunication Standardization Conference (WTSC), which meets evew four years, establishes the topics for study by the ITU-T Study Groups which, in their turn, produce Recommendations on these topics.
11、The approval of Recommendations by the Members of the ITU-T is covered by the procedure laid down in WTSC Resolution No. 1. In some areas of information technology which fall within ITU-Ts purview, the necessary standards are prepared on a collaborative basis with IS0 and IEC. NOTE In this Recommend
12、ation, the expression “Administration“ is used for conciseness to indicate both a telecommunication administration and a recognized operating agency. INTELLECTUAL PROPERTY RIGHTS The ITU draws attention to the possibility that the practice or implementation of this Recommendation may involve the use
13、 of a claimed Intellectual Property Right. The ITU takes no position concerning the evidence, validity or applicability of claimed Intellectual Property Rights, whether asserted by IT members or others outside of the Recommendation development process. As of the date of approval of this Recommendati
14、on, the IT had not received notice of intellectual property, protected by patents, which may be required to implement this Recommendation. However, implementors are cautioned that this may not represent the latest information and are therefore strongly urged to consult the TSB patent database. O IT
15、1998 All rights reserved. No part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from the ITU. I 11 Recommendation 5.93 (03/98) 1 2 3 4 5 6 7 8 9 STD-ITU-T RECMN J.93-ENGL 19
16、98 48b257L Oh47587 397 CONTENTS Scope References Definitions . Background . 4.1 Television 4.2 Secondary distribution of cable data . Conditional Access requirements on cable systems . 5.1 Signal security requirements . Key distribution and storage requirements 5.3 Secure signature 5.4 Control syste
17、m integrity 5.5 Authorization coding . Manufacturing and distribution security . Failure and compromise recovery Policies and procedures 5.2 Key escrow provision . Appendix I . Bibliography . Recommendation 5.93 (03/98) Page 1 1 1 2 3 3 3 4 4 5 5 5 5 6 6 6 7 . 111 STD-ITU-T RECMN J.93-ENGL 2998 m 48
18、62593 Ob49588 223 m Recommendation 5.93 REQUIREMENTS FOR CONDITIONAL ACCESS IN THE SECONDARY DISTRIBUTION OF DIGITAL TELEVISION ON CABLE TELEVISION SYSTEMS (Geneva, 1998) 1 Scope This Recommendation lists the requirements for the Conditional Access (CA) systems related to the secondary distribution
19、of digital television and data signals over a cable television system. The actual conditional access features selected for implementation in a specific system should be derived fiom the system requirements for that system. 2 References The following ITU-T Recommendations, and other references contai
20、n provisions which, through reference in this text, constitute provisions of this Recommendation. At the time of publication, the editions indicated were valid. All Recommendations and other references are subject to revision; all users of this Recommendation are therefore encouraged to investigate
21、the possibility of applying the most recent edition of the Recommendations and other references listed below. A list of the currently valid ITU-T Recommendations is regularly published. 11 ITU-T Recommendation 5.83 1997), Digital multi-programme systems for television, sound and data services for ca
22、ble distribution. 2 ITU-T Recommendation 5.84 ( 1997), Distribution of digital multi-programme signals for television, sound and data services through SMATV networks. 3 Definitions This Recommendation defines the following terms. 3.1 algorithm: A mathematical process which can be used for the scramb
23、ling and descrambling of a data stream. 3.2 authentication: The process intended to allow the system to check with certainty the identification of a party. 3.3 subscriber decoder unit. authorization coding: A digital word which describes the personality or service access capability of the NOTE -This
24、 code word, which is based on the service access authorized by the billing system, determines which keys are distributed to each customer, and is required at the subscriber decoder to authorize the descrambling of any specific program. 3.4 Conditional Access system (CA): The complete system for ensu
25、ring that cable services are accessible only to those who are entitled to receive them, and that the ordering of such services is not subject to modification or repudiation. 3.5 key in electronic cryptographic systems). cryptanalysis: The science of recovering the plaintext of a message without acce
26、ss to the key (to the electronic 3.6 number of bits that can be securely encrypted before it becomes advisable to change the key. cryptographic duty cycle: The maximum secure capacity of a cryptographic process, based on the total 3.7 sound, and data services. descrambling: The process of reversing
27、the scrambling function (see “scrambling“) to yield usable pictures, Recommendation 5.93 (03/98) 1 STD-ITU-T RECMN J.93-ENGL 3998 4862593 Ob49589 ZbT W 3.8 electronic key: The term for data signals which are used to control the descrambling process in subscriber decoders. NOTE - There are at least t
28、hree types of electronic keys: those used for television signal streams, those used for protecting control system operations, and those used for the distribution of electronic keys on the cable system. See also “authorization coding“ which is also effectively a key. 3.9 encryption: The process of sc
29、rambling signals to avoid unauthorized access. 3.10 operating hours of the delivery system. NOTE - By contrast, other services, such as a pay-per-view feature film, are only available for a specific period of time. 3.11 connected. full period terminated service: A subscription service that is always
30、 available to subscribers during the host: A device with generalized functionality where modules containing specialized functionality can be 3.12 unauthorized results. integrity: The ability of a function to withstand being usurped for unauthorized use, or modified to yield 3.13 to internal function
31、ality by unauthorized parties. intrusion resistance: The ability of a hardware object to deny physical, electrical, or irradiation-based access 3.14 3.15 having sent the message. module: A small device, not working by itself, designed to run specialized tasks in association with a host. non-repudiat
32、ion: A process by which the sender of a message (e.g. a request on a pay-per-view) cannot deny 3.16 one-way hash: A mathematical process or algorithm whereby a variable length message is changed into a fixed length digital word, such that it is very difficult to calculate the original message from t
33、he word, and also very difficult to find a second message with the same word. 3.17 period of time. 3.18 for unauthorized reception. pay-per-view: A payment system whereby the subscriber can pay for an individual program or specified piracy: The act of acquiring unauthorized access to programs, usual
34、ly for the purpose of reselling such access 3.19 public key cryptography: A cryptographic technique based upon a two-key algorithm, private and public, wherein a message is encrypted with the public key but can only be decrypted with the private key. Also known as a Private-Public Key (PPK) system.
35、NOTE - Knowing the public key does not reveal the private key. Example: Party A would devise such a private and public key, and send the public key openly to all who might wish to communicate with Party A, but retain the private key in secret. Then, while any who have the public key can encrypt a me
36、ssage for Party A, only Party A with the private key can decrypt the messages. 3.20 unauthorized parties. scrambling: The process of using an encryption function to render television and data signals unusable to 3.21 secure signature: A mathematical process by which the origin and integrity of a tra
37、nsmitted message can be ascertained. NOTE - If a secure signature system is used, the originator cannot deny having sent the message, and the receiver can determine if the message has been modified. 3.22 transport stream: An MPEG-2 Transport Stream. 4 Background With the advent of digital cable tele
38、vision and data, new standards are required for the Conditional Access (CA), or security, subsystem which performs the several functions associated with this system element. There are numerous standards activities directly addressing the conditional access of cable television and data signals curren
39、tly in progress worldwide. There are other organizations which address security for these signals tangentially by targeting a larger issue which also includes television and data. 2 Recommendation 5.93 (03198) 4.1 Television Conditional Access requirement Signal Security Just as with analogue cable
40、television transmissions today, there are varying requirements for the different types of digital television programming material which will be carried to the users premises on cable delivery systems. These include: Explanation Provides the encryption of the digital television signals andor related
41、messaging to prevent unauthorized access to the contents (see 5.1) 0 basic tier full period terminated subscription television services; Key Distribution Secure Signature 0 premium channel full period terminated subscription television services; Refers to that subsystem which generates, distributes
42、and stores the cryptographic keys for the headend encoders and for the customer premises decoders (see 5.2) The process by which user authentication and transactional non- repudiation are accomplished (see 5.3) 0 transaction coherent television services such as pay-per-view; 0 short-term television
43、which is part of a multimedia transmission for the purpose of marketing, commerce, or communications. Cable delivery of television programming has the same basic security challenges found on broadcast, satellite, Sh4ATV (Satellite Master Antenna Television), and Multichannel Multipoint Distribution
44、Systems (MMDS), mainly resulting from the requirement to place an operational decoder with current keying material inside of the users premises, one of whom happens to also be the pirate, where it can be subjected to sophisticated attack without fear of physical detection. In a traditional governmen
45、tal or military symmetric key system, this is equivalent to giving the enemy the current cryptographic key. Physical measures, such as secure microprocessors, make the job more difficult, but no such countermeasures will delay the professional for long. Cable delivery has the advantage that in being
46、 a closed system, certain policies and procedures discussed below can be implemented to make the pirates efforts unprofitable. In setting CA requirements, attention must be paid to the assessments of risk and threats, and the capital and operational costs of recommended countermeasures. Risk refers
47、to that which might be lost if the CA system were compromised. In the case of cable systems, the risk is the loss of system revenue through signal theft, or the usurpation of control of the system by an unauthorized party. The threat is the individual, organization, or mechanism by which the CA coun
48、termeasures are compromised and the risk incurred. All countermeasures, even if they are procedures only, represent some cost to the operating cable system. If the cost to negate the threat is too large relative to the risk, then it is not a workable option. 4.2 Secondary distribution of cable data
49、(For further study.) 5 Conditional Access requirements on cable systems The general area of Conditional Access (CA), as applied to the secondary distribution of digital television and data on cable systems, can be subdivided and defined as shown in Table 1 below. Table UJ.93 - Conditional Access requirements and explanations Control System Integrity r Prevents the usurpation of system control by an unauthorized entity (see 5.4) Authorization Coding A. process whereby the access personality of the subscriber decoding unit is protected against unauthor
