1996-03-31 - Re: [CRYPTO] Cable-TV-Piracy-Punks

Header Data

From: Mike Ingle <inglem@adnetsol.com>
To: perry@piermont.com
Message Hash: a576c8161ddb04da81286fb2bca409cfb38556f7cb7c415f843402cce917265c
Message ID: <199603310256.SAA00348@cryptical.adnetsol.com>
Reply To: <199603302117.QAA17076@jekyll.piermont.com>
UTC Datetime: 1996-03-31 12:01:43 UTC
Raw Date: Sun, 31 Mar 1996 20:01:43 +0800

Raw message

From: Mike Ingle <inglem@adnetsol.com>
Date: Sun, 31 Mar 1996 20:01:43 +0800
To: perry@piermont.com
Subject: Re: [CRYPTO] Cable-TV-Piracy-Punks
In-Reply-To: <199603302117.QAA17076@jekyll.piermont.com>
Message-ID: <199603310256.SAA00348@cryptical.adnetsol.com>
MIME-Version: 1.0
Content-Type: text/plain

The big latent assumption here being that you have only one-way
communication with the subscribers. DSS has a modem. It could get a new
key from a distribution center frequently - i.e. every day. Then the
pirates would somehow have to update their keys daily, in real time.
Once we have live packet communication (cable modems or ISDN D-channel,
for example) the keys can be changed minute by minute, if necessary.
Each new-key request is checked with a digital signature from the box's
key, and the KDC will not accept two requests for the same key. If you
clone the box, one or the other won't get a key. The pirates will have
to run their own network parallel to the legitimate one to distribute
the keys. Therefore piracy requires an ongoing organization, and is
subject to being tracked down.


> Mike Duvos writes:
> > Once you have both audio and video streams in digital form,
> > having ones encryption "hacked" is more a function of
> > cluelessness on the part of those engineering the encryption and
> > authentication mechanism than some latent vulnerability on the
> > part of the technology.
> Not true at all, Mike. Consider the threat model.
> You have a single satelite sending out a single encrypted stream to
> millions of people. Your goal is to let some people view the signal
> and others not view the signal in spite of the fact that some of the
> people viewing the signal might be willing to leak information (such
> as the keys!) to the people who aren't supposed to view it.
> In other words, you are trying to do something that no amount of
> technology can really do. At best, by using enough tamperproof
> equipment you can stave off the inevitable for a while.
> Perry