Information AboutNagravision |
| CATEGORIES ABOUT NAGRAVISION | |
| digital television | |
| digital rights management | |
|
DIGITAL SYSTEMS Two versions of Nagravision are in common use for digital satellite television, known as Nagravision 1 and Nagravision Aladin respectively. The decryption unit is either integrated into a receiver, available as a Conditional Access Module (CAM), or as one of many encryption schemes supported on a CAM Emulator . Like most Pay-TV Conditional Access systems, the Nagravision systems have suffered successful attacks, in which the software running in the supposedly Tamper-resistant Secure Cryptoprocessor s used in the decoders or their smartcards was extracted and analysed. The knowledge gained helps to design clone cards and "patched" receivers for Pirate Decryption , although the systems can recover from these attacks by regular encryption key-changing, or replacement of the decryption cards. ANALOG SYSTEM An older Nagravision system for scrambling analog satellite television programmes was used in the 1990s, for example by the German pay-TV broadcaster ''Premiere''. In this line-shuffling system, 32 lines of the PAL TV signal are temporarily stored in both the encoder and decoder, and read out in permuted order under the control of a Pseudorandom Number Generator . A Smartcard security Microcontroller (in a key-shaped package) decrypts data that is transmitted during the blanking intervals of the TV signal and extracts the Random Seed value needed for controlling the random number generation. The system also permitted the audio signal to be scrambled by inverting its spectrum at 12.5 kHz using a Frequency Mixer . Like with most smartcard-based Conditional Access systems, the smartcards used with the analog Nagravision system were repeatedly reverse engineered by hackers, which allowed the production of clone cards and "patched" receivers. However, the analog Nagravision system was the first widely used cryptographically controlled Conditional Access system that was broken in a way that bypassed the Tamper Resistance of its smartcard entirely and from which no recovery was possibly by replacing all smartcards. The weakness exploited by this attack is the Random Seed value that is used to control the descrambling process. It is only 15 bits long and by the late 1990s, even low-cost home computers with Frame Grabber s were computationally powerful enough to try all 215 = 32768 possible permutations of video lines for each frame in Real Time . Software decoders were written that selected of this small number of possible permutations the one that maximized the similarity of neighboring image lines in the resulting image and displayed the result. The scrambling of the audio signal was not a cryptographically controlled process and can easily be undone using the same Frequency Mixer circuit used for scrambling. EXTERNAL LINKS
|
|
|