Videocrypt An Overview Researched and written by Darren Ingram, author of Satnews - Satnews.. the latest and non-Commercial satellite news - Version 1.34 - 14.05.91 Note: This file acknowledges all trademarks and their respective owners where mentioned in the text. All rights reserved (C) 1991. -- Index: Introduction Requirements Features and applications Scrambling Customers Appendices INTRODUCTION Videocrypt is a pay-tv scrambling system jointly developed by Thom- son Consumer Electronics and News Datacom. Over one million users receive Videocrypt encrypted signals and this system, has to date, remained secure from illicit decoder manufacturers, protecting the revenue of Videocrypted television channels. REQUIREMENTS Videocrypt is a multi-standard encryption system which is suitable for PAL, NTSC and SECAM transmissions. Language is no barrier for Videocrypt with its capacity for multi-lingual transmissions and broadcasts utilising a comprehensive on-screen instruction menu. Features and applications A smart card is the central key to the Videocrypt system, and the card can be used for a variety of diverse applications. The card is pre-coded to determine a users requirements and it can subse- quently be addressed utilising the decoders logic to amend the users services at the broadcasters will. There are a number of broadcasting modes which the smart card can be used within including: Clear Mode Signals sent in the clear are recognised by the decoder and passed to the display without further processing. Free Access Pictures transmitted with an encryption key are delivered directly to the display through the decoder. Controlled Access Access to encrypted pictures is determined by the level of access authorised to the users smart card. No signals will be transmitted in an unencrypted state without prior authorisation. Programmes can be tailored to usage with the Videocrypt system and the system offers a flexible way for pay-tv operators. There are a number of operations mode offered as standard including: * Single or multiple subscriptions with many tier levels in one channel * Pay Per View (PPV) and impulse purchasing * Thematic selection (enable all arts programming) * Geographic limitation (restrict to a country/area) * Single-event (throwaway cards) * Parental Control (reception with card only) * Pre-determined time period Videocrypt enables smart cards to be pre-programmed to suit the specific programming requirements. Smart card - providing the revenue security Security can be addressed on a multitude of levels when using the smart card. These include: Chaining An existing customer would receive a new card which contains part of the new code, the remainder of the code would be transmitted when the card is inserted into the decoder and the subscriber compiles with the instructions contained within the on-screen graphics. Over-the-air addressing Systems operators can now address individual subscribers, which is a vast improvement over other scrambling systems. The operator can provide additional services, reduce service entitlements, send individual messages, blacklist and/or whitelist viewers. Cloning A number of steps have been taken to stop smart cards being copied or cloned. A physical deterrent is the first line of defence, and the integrated circuit contained within the card makes "probing" very difficult as the IC is likely to become damaged in the process. Cost is a second factor which is likely to deter manufacturers of illegal decoders. A considerable amount of time, trouble and expensive resources would be required to clone the card. The manufacturers of Videocrypt recommend that the cards are re- placed every six months, and each time this is done a "secret en- crypting algorithm" will be changed. Any pirate decoders manufac- tured during this time would be relatively useless. And should a pirate decoder be manufactured, it will contain a unique security code, which could be blacklisted by the systems operator once the code has been discovered - leading to calls of complaint by angry customers. Video taping Videocrypt offers an simple method of tracking down pirates who video high-value programming and then distribute it. The customers unique number can be displayed on the unencoded screen for reference and future litigation. Although an on-the-screen code can be generated for signals piracy in a public place, the codes can be hidden in the picture - and retrieved by a technician at a later stage. Videocrypt-your flexible friend? Videocrypt can be used in a number of applications other than tv signals protection. They include: Messaging, messages can be transmitted to individual subscribers or to a group, so target messaging is now a potential. Messages like: "Satellite owners in LONDON call 081 XXX XXXX now for a great bar- gain". Selling, sales over the air can be utilised with the unique identity number which verifies an owner and their registered address. Data can be matrixed with a user personality during ad-breaks to tailor- make the advertisement. A unique transaction alphanumeric can be displayed on the TV screen, and the subscriber will telephone a given number and quote the alphanumeric - and the deal can then be completed in total security. SCRAMBLING The majority of scrambling systems currently on the market are dependent on analogue processing circuitry, and it is a hard task to get a secure system without picture deterioration. Videocrypt can encode and decode a picture without degradation. The crux of the scrambling system evolves around a patented develop- ment of Active Line Rotation (Cut and Rotate principle). Every line of the signal is cut at a number or points along its length, and this is chosen at random by a 60 bit psuedo random binary sequence generator (PRBS). As each cut point differs from the next the signal has no viewing value to an unauthorised recipi- ent, but authorised recipients decoders recode the picture so that the true state of the unscrambled line is always first out for display. The PRBS is re-seeded at times too, to enhance the security of the system even more. Before this ALR process can take place, the decoder needs to be aware of the cut point on each of the transmitted lines, this is provided within the encryption process. Each decoder utilises an PRBS which reflects the characteristics of the system so that the two halfs can be synchronised and a viewable picture displayed. Data is transmitted in a series of over-the-air packets, which looks like: SYSTEM-----SMART or BLACKLIST The system comprises of system data included Fiat-Shamir identifica- tion information, on-screen display messages, fingerprinting and blacklisting data. The smart card packet comprises of: HEADER-----ENCRYPTED DATA-----CHECKSUM The Videocrypt encryption system is based around a tightly-guarded secret which has defeated system hackers throughout the world. A final control algorithm is central to the systems security and this can be changed at will if the system has been hacked. Complex calculations are performed within the system in order not to compromise its security. But hackers who have attempted to hack the decoder will be disap- pointed - as there are no secrets held within the system. Smart Cards The smart card offers great flexibility to the programme controller and the viewer alike, and is the key to the Videocrypt system. The Integrated circuits incorporated within the smart card have a lot of power and contain EPROM elements which are partially burned during their manufacture. The ICs are buried within the design to make the system harder to penetrate. Smart card block diagram ------- ------- ------- VCC -> - RAM - - ROM - -EPROM- ------- ------- ------- ^ ^ ^ TO AND FROM ------------------------------- GND -> - INTERNAL BUS - ------------------------------- TO AND FROM ------- ------- ------- -8 BIT- -ANTI - -S/WRE- RST -> -CPU - -FRAUD- -CNTRL- - - -DVCES- -I/FCE- ------- ------- ------- CLK VPP I/O Over the air addressing Algorithmic information is transmitted to the viewer over the air, encrypted within the Videocrypt system. This data is transmitted within the Vertical Blanking Interval (VBI) and four lines are employed for active data and two others, one white and one black (for test purposes). An application of Non Return To Zero (NRZ) with an constant energy spectrum maximises the systems characteristics. Four picture-sustaining techniques are used to ensure a high quality picture. Bit interleaving, hamming codes, quadruple repetition and check sums are used within the process. The system can cope with fringe reception areas and will still function correctly with high levels of noise. Picture quality Picture quality is paramount for any scrambling system and due to the standard being of a digital origin, integrity of the signal is maintained throughout the encryption and de-encryption process. Amplitude sampling is conducted by the decoder and a 14MHz internal clock ensures jitter-free pictures and unstable framing. A digi- tally derived Automatic Gain Control (AGC) is also included within the receiver. Scrambling Sound Videocrypt also has the capability of encrypting sound sources to enhance the security of premium events. To date this level of security has not been utilised by broadcasters. The system of spectrum inversion renders the sounds received without authorisation worthless. Videocrypt transposes the frequencies transmitted and this in turn removed distortion of the sound. CUSTOMERS The British Sky Broadcasting channels are the first and only client to use the Videocrypt system in Europe. Sky Movies was the first channel to encrypt with Videocrypt on 05/02/90. The Movie Channel and Sky Sports commenced encryption in April 1991, following the launch of Astra 1B In August 1990 an order for 10,000 Videocrypt decoders were ordered for an Asian satellite television network called Topaz. The British Broadcasting Corporation (BBC) have announced plans to use Videocrypt on their BBC Select service, and a number of other stations are actively considering its use on satellite links, although no other intentions have been made. APPENDICES Technical Data (supplied by Thomson Consumer Electronics, 1991- subject to change) VIDEOCRYPT BASEBAND DECODER * Stand alone video decoder * On screen display * De emphasis switch * Authorise button * Integrated smart card reader * Power indicator PAL MODEL Video input level IV +/- 3dB flat and clamped Baseband input level 250 mV +/- 3dB, unclamped level measured at pre-emphasised transition frequency Suitable de-emphasis CCIR 405-1 Video output level IV p.p. into 75 ohms Video bandwith 50Hz - 4.8 Mhz -3dB typical Line tilt <_ 1% typical Luma/Chroma Delay +/- 50nS typical S/N ratio: 50dB typical weighted CONNECTIONS AV Peritel (Scart) Audio loopthrough Left and right Pin 8 High with scrambled video input Low with clear video input Pin 16 5v 50mA maximum for external modulator (OPTION) MISCELLANEOUS Standards Designed to IEC 65 Operating Temperature Range 5-40 C Mains Input 216-255 V AC 50 Hz Power Consumption 15W Weight 2.5Kg VIDEOCRYPT ENCODER (PAL/SECAM/NTSC) * 19" rack mounting * Active line cut and rotate * Twin or single scrambler * Separate power supply * Integrated cooling unit * Data for control access in the VBI * RS232 interface Video input level IV 75 ohm Video output level IV peak to peak +/- 2% 75 ohm Line tilt 0.5% typical Base line distortion 0.5% typical Chrominance to luminance 3% typical 2T/Bar ratio 2% typical Synchro level 1% typical S/n ratio RMS weighted >_ 67dB Chrominance luminance: intermodulation <_ 2% differential gain 1% typical differential phase 1" typical luminance non-linearity 1% typical chrominance/luminance delay +/- 10nS typical video bandwith at 3dB >_ 5.8 Mhz Output DC level 300 mV +/- 50 mV Sampling frequency rejection >- 50dB at 14 Mhz Number of bits per sample 10 CONNECTIONS Connections to security comp RS232 Local VT100 terminal ditto Video in BNC 75 ohm Scrambled video out BNC 75 ohm MISC Local terminal functions are to show working parameters give warnings control local remote autonomous Select scrambling mode clear free access control access Mains input low pass filtering Audio scrambling using spectrum inversion 0dB/600 ohm (optional) ENDS ------------------------------------------------------------------------ Quotes from INSIDE DIRECTV's IRD, Satellite Retailer, March 19 "The technology is owned by News Datacom, which is a wholly owned subsidiary of News Corporation (whose operations include FOX BROADCASTING ((as in NFL backhauls)), Twentieth Century Fox Film, and a 50 percent interest in British Sky Boradcasting Ltd.). The "zero knowledge" authentication technology which supports the VideoGuard and VideoCrypt systems were developed by Professor Adi Shamir, professor of applied mathematics at the Weizman Institute in Rehovet, Israel, and Dr. Amos Fiat. It is this algorithm, along with more traditional encryption schemes, like DES, which form the technological foundation of the system. The VideoCrypt decoder is itself based on a cut and rotate method of scrambling. According to Dr. Dov Rubin, technical director for the Israel-based News Datacom, the encoder selects lines at random points within the television picture at the exact moment of transmission. The lines are reversed and broadcast so the picture is unintelligible. The specific location of the encoder's cut points is proprietary and critical to the security of the unit. As such, the VideoCrypt system employs "special techniques" to disguise the cut points. The location of the cut points is fed into the system through the Security Encoder Computer by way of a card reader and smart card. This PC also accepts input from the Security Database Computer which acts as an interface to the Subscriber Management System and the program scheduling system. The Security Encoder Computer generates packets of data which combine program identification and scheduling information with a random number. The packets of data are fed to the smart card, which processes the information through a secret algorithm to produce a seed for the Pseudo Random Bit Sequencer (PRBS). This process produces a string of eight-bit numbers, which determine the cut point for each line. The packets of information fed to the card are also transmitted over the air. There are no secrets in this information. The decoder extracts these data packets and feeds them to the smart card in the decoder, which contains the same algorithms as the smart card in the encoder. The same seed is therefore produced, and a similar PRBS reproduces the same cut points, allowing the decoder to cut the lines in the same place as the encoder and reconstitute the picture..........Imperative to the security of the system is that the starting number is "hidden" from view. In essence, the VideoCrypt smart card is an active security device. it is not something that passively holds keys, as does the other systems. The purpose of the VideoCrypt smart card is intrinsically tied to the process of authorization. Therefore, when the smart card is changed and replaced by a programmer for any reason, including a break in the security of the system, the entire decryption/authorization process may be redesigned and re-issued without affecting the utilization of the decoder." "As an example ((of NDC advanced techniques)), VideoCrypt uses the Fiat-Shamir zero knowledge algorithm, which allows the decoder "to determine if the card inserted in the decoder is valid." According to the company, the zero knowledge characteristics of the decoder stops the proliferation of cloned cards should any one card be compromised. Adding further to the pirate's cost is the type of micro-processor used in the smart card. The processor is itself secure which means that it is not easy to read the information stored on the card or monitor the data which flows from the card to the decoder. A special and expensive electron microscope would be required to dismantle the microprocessor and "in most cases, the electron microscope would destroy the charge before the pattern could be determined," says News Datacom." "The strategy ((issuing new smart cards)) seems to have worked as there have been no reports of a pirated VideoCrypt since its entrance into the market in 1989. VideoCipher, on the other hand was pirated within six month of its introduction in 1986." "What's most interesting about VideoCrypt, which is designed and manufactured by News Datacom, is that while the product appears to be more secure than VideoCipher, its cost is appreciably less. A direct cost comparison is hard to come by. However integrated receiver descramblers in the US sell for between $700-$1500 compared to $260 in England, and a US dishowner upgrading to the VideoCipher RS will plunk down between $300 and $400, while the decoder portion of the Sky Television receiver amount to under $150."