DVB security upgrade long overdue, says Farncombe

October 26, 2009

A leading consultancy has called for a replacement for the DVB Common Scrambling Algorithm (CSA), arguing that the growing ubiquity of residential always-on fast internet access has exposed a flaw in the system.

Farncombe Consulting Group says the practice of detecting and sharing control words as they are passed to the CSA is at a point where the pay-TV business is beginning to face the same illegal downloading practices that have undermined the music sector. The company believes the presence of the hardware-based system is also distorting the market, adding to the cost of in-home distribution.

“If just one of an operator’s set-top boxes is hacked in a way that the control words can be extracted then there are websites that can put them up on the internet and everyone with a standard DVB device can see a paid service for nothing,” warned Farncombe’s founding partner Andrew Glasspool. “If the operator’s scrambling [algorithm] was in some way different then only its own subscribers would be able to receive the control word.”

Farncombe acknowledges that there were sound reasons for the introduction of a common algorithm. It underpins the Simulcrypt system used by regulators to promote competition between pay-TV operators. It also lowers the entry-barrier for new CA vendors, and allows operators to swap between different CA systems relatively easily. Farncombe believes that any replacement for the CSA should aim to replicate these benefits.

Dr Peter Siebert, executive director of the DVB Project Office, said that the organisation had already developed a new version of the CSA. Senior technology figures from NDS, Nagra, Irdeto, Viaccess and large pay-TV broadcasters had created a new algorithm for the broadcast market known as CSA3 that doubled the length of the control word to 128 bits. “It fits that if we have a second generation version of DVB, then we should also have a second generation of the Common Scrambling Algorithm”.

Farncombe is aware of the work that has been done in CSA3, but Farncombe’s white paper argues the creation of a more robust version of the algorithm itself, which is what CSA3 does, doesn’t really address that issue. “The original algorithm used in the CSA has never been cracked: the problem lies in the way in which the CSA is implemented – viz control words are at some point passed in the clear to the CSA hardware, and can therefore ultimately be discovered and shared.”