1、 INTERNATIONAL TELECOMMUNICATION UNION ITU-T J.96TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU (07/2002) SERIES J: CABLE NETWORKS AND TRANSMISSION OF TELEVISION, SOUND PROGRAMME AND OTHER MULTIMEDIA SIGNALS Ancillary digital services for television transmission Technical method for ensuring privac
2、y in long-distance international MPEG-2 television transmission conforming to ITU-T Recommendation J.89 ITU-T Recommendation J.96 ITU-T J-SERIES RECOMMENDATIONS CABLE NETWORKS AND TRANSMISSION OF TELEVISION, SOUND PROGRAMME AND OTHER MULTIMEDIA SIGNALS General Recommendations J.1J.9 General specific
3、ations for analogue sound-programme transmission J.10J.19 Performance characteristics of analogue sound-programme circuits J.20J.29 Equipment and lines used for analogue sound-programme circuits J.30J.39 Digital encoders for analogue sound-programme signals J.40J.49 Digital transmission of sound-pro
4、gramme signals J.50J.59 Circuits for analogue television transmission J.60J.69 Analogue television transmission over metallic lines and interconnection with radio-relay links J.70J.79 Digital transmission of television signals J.80J.89 Ancillary digital services for television transmission J.90J.99
5、Operational requirements and methods for television transmission J.100J.109 Interactive systems for digital television distribution J.110J.129 Transport of MPEG-2 signals on packetised networks J.130J.139 Measurement of the quality of service J.140J.149 Digital television distribution through local
6、subscriber networks J.150J.159 IPCablecom J.160J.179 Miscellaneous J.180J.199 Application for Interactive Digital Television J.200J.209 For further details, please refer to the list of ITU-T Recommendations. ITU-T Rec. J.96 (07/2002) i ITU-T Recommendation J.96 Technical method for ensuring privacy
7、in long-distance international MPEG-2 television transmission conforming to ITU-T Recommendation J.89 Summary This ITU-T Recommendation describes a Basic Interoperable Scrambling System (BISS-E) for use on digital contribution circuits (satellite, DSNG, etc.) compliant with ITU-T Rec. J.89, which us
8、es fixed keys. BISS-E uses encrypted Session Words and allows centrally managed conditional access. Source ITU-T Recommendation J.96 was revised by ITU-T Study Group 9 (2001-2004) and approved under the WTSA Resolution 1 procedure on 29 July 2002. ii ITU-T Rec. J.96 (07/2002) FOREWORD The Internatio
9、nal Telecommunication Union (ITU) is the United Nations specialized agency in the field of telecommunications. The ITU Telecommunication Standardization Sector (ITU-T) is a permanent organ of ITU. ITU-T is responsible for studying technical, operating and tariff questions and issuing Recommendations
10、 on them with a view to standardizing telecommunications on a worldwide basis. The World Telecommunication Standardization Assembly (WTSA), which meets every four years, establishes the topics for study by the ITU-T study groups which, in turn, produce Recommendations on these topics. The approval o
11、f ITU-T Recommendations is covered by the procedure laid down in WTSA Resolution 1. In some areas of information technology which fall within ITU-Ts purview, the necessary standards are prepared on a collaborative basis with ISO and IEC. NOTE In this Recommendation, the expression “Administration“ i
12、s used for conciseness to indicate both a telecommunication administration and a recognized operating agency. INTELLECTUAL PROPERTY RIGHTS ITU draws attention to the possibility that the practice or implementation of this Recommendation may involve the use of a claimed Intellectual Property Right. I
13、TU takes no position concerning the evidence, validity or applicability of claimed Intellectual Property Rights, whether asserted by ITU members or others outside of the Recommendation development process. As of the date of approval of this Recommendation, ITU had not received notice of intellectual
14、 property, protected by patents, which may be required to implement this Recommendation. However, implementors are cautioned that this may not represent the latest information and are therefore strongly urged to consult the TSB patent database. ITU 2002 All rights reserved. No part of this publicati
15、on may be reproduced, by any means whatsoever, without the prior written permission of ITU. ITU-T Rec. J.96 (07/2002) iii CONTENTS Page 1 Scope 1 2 Informative reference 1 3 Definitions 1 4 Abbreviations 2 5 Security requirements . 2 6 Modes of operation. 3 7 Mode 0 3 8 BISS Mode 1 Functional requir
16、ements 3 8.1 Overview 3 8.2 CA_descriptor. 4 9 BISS Mode E Functional requirements . 4 9.1 Clear Session Word 4 9.2 Encrypted Session Word 4 9.3 Decryption scheme . 5 9.3.1 Overview 5 9.3.2 Unit identifiers 5 9.3.3 Decryption function 6 9.3.4 Post-processing function 8 ITU-T Rec. J.96 (07/2002) 1 IT
17、U-T Recommendation J.96 Technical method for ensuring privacy in long-distance international MPEG-2 television transmission conforming to ITU-T Recommendation J.89 1 Scope This Recommendation constitutes a common standard for a conditional access system for long distance international transmission o
18、f digital television according to MPEG Professional Profile (4:2:2). The rapid increase in the use of Digital Satellite News Gathering (DSNG) technology has resulted in the availability of digital codec equipment from a number of vendors. At the same time, the absence of standard methods for the sec
19、uring and scrambling of DSNG broadcasts has spawned the development of several different proprietary security mechanisms. The widespread acceptance of DVB standards now makes it possible to propose and provide a security mechanism that offers interoperability between the equipment of different DSNG
20、vendors. This would enable broadcasters to combine equipment from several vendors, while making systems more future-proof. The Basic Interoperable Scrambling System (BISS) is based on the DVB-CSA specification 1, and the use of fixed clear keys called Session Words (SWs). BISS specification Mode 1 i
21、s used for DSNG. BISS specification Mode E (BISS with Encrypted keys referred to as BISS-E) introduces an additional mechanism to accept the insertion of Encrypted Session Words (ESWs) while, at the same time, conserving interoperability. This mechanism is backward-compatible with BISS specification
22、 Mode 1. 2 Informative reference EBU Technical Document: Tech 3292 rev.2 (2002), BISS-E Basic Interoperable Scrambling System with Encrypted keys. 3 Definitions This Recommendation defines the following terms: 3.1 scrambler: relates to the overall mechanisms required to meet the DVB-CSA specificatio
23、n. 3.2 session word: relates to the word assigned during a transmission by the Management Centre. 3.3 unit: relates to a device for which this Recommendation might apply. 3.4 management centre: refers to an organization controlling or managing the conditional access system. 3.5 decryption function:
24、refers to a logical function used to decrypt the Encrypted Session Words, with the help of a key. 3.6 interoperable function: refers to a decryption function that shall be embedded in all units. The bits in binary numbers or sequences are numbered from the left, according to engineering notation. Bi
25、t 0 is on the right and is the least significant one; the bit on the left is the most significant one. 2 ITU-T Rec. J.96 (07/2002) Here is an example of engineering notation for an n-bit number: bn1bn2. b1b04 Abbreviations This Recommendation uses the following abbreviations: BISS Basic Interoperabl
26、e Scrambling System bslbf Bit String, Left Bit First CA Conditional Access CAT Conditional Access Table CSA (DVB) Common Scrambling Algorithm CW Control Word DES Data Encryption Standard DSNG Digital Satellite News Gathering DVB Digital Video Broadcasting ECB Electronic Codebook ECM Entitlement Cont
27、rol Message EMM Entitlement Management Message ESW Encrypted Session Word lsb Least Significant Bit LSB Least Significant Byte MC Management Centre msb Most Significant Bit MSB Most Significant Byte PID Packet Identification number PMT Programme Map Table SW Session Word uimsbf Unsigned Integer, Mos
28、t Significant Bit First 5 Security requirements The DSNG model requires the direct entry of a Session Word at the transmitter and receiver, to control access to the transmission. The sender and receiver(s) of the transmission share the SW, such that only the intended parties will receive the transmi
29、ssion, outlined as follows: 1) The Session Word is entered at the DSNG unit in the field, or at the transmitting earthstation. 2) The Session Word is entered at the receiving IRDs. 3) If the Session Words are the same, then the IRDs are able to decrypt the broadcast. 4) If the Session Words are diff
30、erent, then the broadcast is not received. ITU-T Rec. J.96 (07/2002) 3 The security requirements for fixed contribution systems are somewhat different to the DSNG model. The secure exchange of SWs is fundamental to such systems and is achievable by encrypting them. 6 Modes of operation The Scrambler
31、 must be capable of supporting the following three modes of operation: Mode 0: No scrambling. Mode 1: All components are scrambled by a fixed Control Word (CW), derived from a clear SW. Mode E: All components are scrambled by a fixed CW, derived from an Encrypted Session Word (ESW). The scrambling m
32、echanism, as defined in the DVB-CSA specification, shall be applied at the Transport level only. A Conditional Access Table (CAT) shall be present in the multiplex for BISS Mode 1 and BISS-E, although the table shall be empty as no Entitlement Management Message (EMM) stream will be present. NOTE A
33、Scrambler that only supports a subset of the defined modes of operation must do so according to an imposed hierarchy. A Scrambler providing support for Mode E must also support Modes 0 and 1. 7 Mode 0 The Scrambler must be capable of disabling the scrambling operation. In this mode, there will be no
34、 CA_descriptor in the Programme Map Table (PMT) and no Entitlement Control Message (ECM) stream. The Transport_Scrambling_Control bits of the Transport Packets will be set to “00“. 8 BISS Mode 1 Functional requirements 8.1 Overview This mode has been designed specifically for DSNG applications, fly-
35、away operations, emergency situations, etc. It may also be used as a fall-back solution while using the complete BISS-E system. In Mode 1, a fixed 12-character SW is inserted in the scrambler. The 64-bit CW is derived from the SW according to the DVB-CSA specification. Manual entry of the SW shall b
36、e in hexadecimal notation, with the digits entered most-significant-nibble first, i.e. from left to right as viewed in hexadecimal notation. For example, 0xA13DBC42908F would be entered in the following sequence: A,1,3,D,B,C,4,2,9,0,8,F Remote entry of the SW shall also be provided, although the spe
37、cification of that interface is beyond the scope of this Recommendation. The Scrambler shall ensure that the SW cannot be changed more than ten times in a 5-minute period and that there is a minimum of 10 seconds between changes. In this mode there will be a CA_descriptor in the PMT, present at prog
38、ramme level, but no ECM stream. A single unique CA_System_ID is assigned to identify BISS. The Transport_Scrambling_Control bits of the Transport Packets shall be set to “10“. 4 ITU-T Rec. J.96 (07/2002) 8.2 CA_descriptor The CA_descriptor which must be present in the PMT to support BISS is defined
39、in Table 1. Table 1/J.96 Conditional access descriptor Mode 1 Syntax No. of bits Identifier CA_descriptor() descriptor_tag 8 uimsbf descriptor_length 8 uimsbf CA_system_ID 16 uimsbf reserved 3 bslbf CA_PID 13 uimsbf Semantics CA_system_ID: This is a 16-bit field indicating the type of CA system appl
40、icable for the associated ECM streams. The value of this field for BISS is 0x2600. See 2. CA_PID: This is a 13-bit field indicating the Packet Identification Number (PID) of the Transport Stream packets that shall contain the ECM information. For BISS, no ECM information is required, so this field s
41、hall contain the value 0x1FFF. 9 BISS Mode E Functional requirements 9.1 Clear Session Word The unit shall be compliant with BISS Mode 1. It shall support the insertion of a 12-character clear SW through the front panel and through a remote control interface. It shall use the SW as specified in clau
42、se 8 (BISS Mode 1). The clear SW, once entered via the user interface or remote control port, shall not be readable through any unit interface. 9.2 Encrypted Session Word The unit shall support the insertion of ESWs through the front panel and through a remote control interface. The definition of th
43、e remote control port is outside the scope of this Recommendation. The ESW is a 16-character number that is transformed by the unit into a 12-character clear SW. The clear SW is then used by the unit to decrypt the broadcast according to clause 8 (BISS Mode 1). Once the ESW has been entered via the
44、front panel or via the remote control interface, it shall be impossible to read it back through any unit interface. The manual entry of the ESW shall be in hexadecimal form; the 16 digits are entered with the most-significant nibble first (i.e. the left-most nibble). For example, if the ESW is 0xF76
45、EE249BE01A286, it shall be entered in the following sequence: F,7,6,E,E,2,4,9,B,E,0,1,A,2,8 and 6 ITU-T Rec. J.96 (07/2002) 5 9.3 Decryption scheme 9.3.1 Overview The equipment shall include the following features: an identifier, denoted ID, comprising a 14-character hexadecimal word which shall be
46、injected by the user and shall be used as the default. The injected ID is mandatory. Optionally, in addition, the supplier may bury an ID. In this case, the user shall actively select the buried ID. a DES decryption function, denoted ( ), as described in 9.3.3. Additional functions may be supplied b
47、ut are beyond the scope of this Recommendation. a simple post-processing function, denoted P( ), as described in 9.3.4. The processing of the ESW in the unit to provide the clear SW is illustrated in Figure 1. A detailed specification of the Data Encryption Standard (DES) is outside the scope of thi
48、s Recommendation. J.096AMD.1F9.3.1Injected ID Buried IDActive ID selectionActive ID56 bitsMappingMapped Active ID64 bitsActivate post-processingReduction P( )ESW SW SW“ Clear SW64 bits 64 bits 48 bits 48 bitsf( )1= DESFigure 1/J.96 The signal processing required to produce a clear Session Word The m
49、apping of the ID is a simple expansion from 56 to 64 bits, by adding an odd parity bit after every 7 bits. The reduction of the decrypted SW from 64 to 48 bits is obtained by deleting the first and last bit of each byte. After the application of the post-processing function, P( ), the clear SW is obtained to feed the BISS equipment as in Mode 1. 9.3.2 Unit identifiers This Recommendation specifies two types of identifiers for each unit. 1) An injected identifier (IDi) which is a secret key embedded in the unit. This is man
