• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.2
• /
• pp.75-82
• /
• 2013

CAS (Conditional Access System) is a content protection solution that restricts access to the system according to user's standing and only authorized users can access the content in a pay-TV system. DCAS (Downloadable Conditional Access System) can download CAS client which is a software implemented via network. In recent years, research and development has been carried out on DCAS to solve the problems of compatibility among heterogeneous devices and internetworking with other services. In this paper, we propose key generation and management scheme for efficient interoperability among different DCASs based on PBC (Pairing Based Cryptography).

• ETRI Journal
• /
• v.32 no.2
• /
• pp.204-213
• /
• 2010

In this paper, we investigate the possible security threats to downloadable conditional access system (DCAS) host devices. We then propose a DCAS secure micro (SM) and transport processor (TP) security protocol that counters identified security threats using a secure key establishment and pairing management scheme. The proposed protocol not only resists disclosed SM ID and TP ID threats and indirect connection between TA and TP threats, but also meets some desirable security attributes such as known key secrecy, perfect forward secrecy, key compromised impersonation, unknown key-share, and key control.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.6
• /
• pp.161-174
• /
• 2009

IPTV provides their services only for their subscribers who have a eligibility to watch it by using Conditional Access System(CAS). CAS has been servicing their contents for subscribers by using set-top box or cable card so far, but these days, to solve the compatibility between kinds of devices, linkage with other services as DRM and confirming stability, the research of Downloadable CAS(DCAS) is being advanced steadily. On this paper, we analyse the vulnerability of DCAS based on the OpenCable and make up for the vulnerability in DCAS, then proposes to use secure DCAS system for IPTV. Also we show the result of the research and analyse the satisfaction of requirements.

• Proceedings of the Korean Society of Broadcast Engineers Conference
• /
• 2010.07a
• /
• pp.32-35
• /
• 2010

This paper presents an efficient monitoring method of a network protocol for a downloadable conditional access system (DCAS) that can securely transmit conditional access software via a bi-directional communication channel. In order to guarantee a secure channel based on mutual authentication between a DCAS head end server and set-top boxes, DCAS messages are encrypted and digitally signed. Owing to applied cryptographic algorithms, it is impossible to get information from messages directly without additional processing. Through categorizing DCAS messages into several groups, the proposed monitoring method can efficiently parse and trace DCAS messages in real-time. In order to verify the stability and effectiveness of the proposed monitoring method, we implement a DCAS monitoring system capable of capturing and parsing all DCAS messages. The experimental results show that the proposed monitoring method is well designed.

• Proceedings of the Korean Society of Broadcast Engineers Conference
• /
• 2011.07a
• /
• pp.116-118
• /
• 2011

최근 유료 방송 서비스를 위한 제한수신 시스템의 적용에 있어 지적되었던 여러 문제들을 해결할 수 있는 DCAS(Downloadable Conditional Access System) 기술이 소개되었다. 또한, OpenCable과 DCAS를 기반으로 국내 디지털 케이블 방송 시스템을 위한 교환가능형 제한수신 시스템(eXchangeable CAS: XCAS) 표준이 재정되었다. 본 논문에서는 DCAS와 국내 XCAS 표준 규격을 기반으로 개발된 다운로드형 제한수신 시스템을 소개하고, 개발된 시스템의 성능 검증 결과를 제시하여 상용 유료방송 시스템에 적용하는 방안에 대해 논하고자 한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.3
• /
• pp.53-65
• /
• 2010

Conditional Access System (CAS) is a core security mechanism of IPTV SCP (Service and Content Protection) which enables only authenticated user to be able to watch the broadcasting contents. In the past, it was general that CAS was built in Set-Top Box (STB) as hardware or as a detachable cable card. However, numerous researches in Downloadable CAS (DCAS), where users can download CAS code in their STB through their network, have been recently conducted widely due to the lack of security and scalability problem. In this paper, the security requirements of OpenCable based DCAS which is typical example of downloadable IPTV SCP will be derived, the novel authentication and key management scheme will be proposed by using the Authentication Proxy (AP) which is the core DCAS. Also, the benefits of the proposed system will be evaluated by comparison and analysis with preceding research.

• Review of KIISC
• /
• v.22 no.1
• /
• pp.73-85
• /
• 2012

현재 국내 IPTV 서비스에서는 콘텐츠 보호를 위해 기존 방송 보호시스템인 제한수신시스템(CAS)과 디지털저작권관리(DRM) 기술을 혼용하여 사용하고 있다. 하지만 사용자는 가정의 셋톱박스에서 뿐만 아니라 모바일 단말을 통해서 IPTV 콘텐츠를 시청하고자 한다. 이는 셋톱박스의 콘텐츠나 채널을 모바일 IPTV 와 연계하는 것을 요구한다. 본 논문에서는 모바일 환경에서 셋톱박스에서 공유되는 콘텐츠나 채널을 모바일 단말까지 안전하게 공유하기 위해 요구되는 보안 문제점을 도출하고 이에 따른 보안 요구사항을 도출하며, 이를 기반으로 DCAS(downloadable conditional access system) 을 위한 보안 프레임워크를 제안한다. 또한 기존의 SRP 프로토콜[7]을 기반으로 키 교환 프로토콜을 구성하여 셋톱박스와 모바일 IPTV의 안전한 콘텐츠와 채널의 공유가 가능한 DCAS용 인증 프로토콜을 제안한다.

• The KIPS Transactions:PartC
• /
• v.17C no.5
• /
• pp.407-414
• /
• 2010

A condition access system (CAS) refers to a hardware-based system that allows only authenticated users to have access to contents. The CAS has many disadvantages found in that in the replacement of multiple service operator (MSO) a set-top box should be also changed and the smart-card often causes malfunction. To deal with the problems, exchangeable CAS (XCAS) was developed in 2009. However the standards or evaluation schemes for XCAS are absent. Existing evaluation schemes are not appropriate for evaluating XCAS due to the evaluation standard, the evaluation cost and efficiencies. Therefore, a specific scheme that can evaluate the security and suitability of exchangeable conditional access systems has been requested. In this paper, we propose an appropriate evaluation scheme for XCAS. The evaluation scheme includes an evaluation purpose and four components to evaluate the evaluation target, the evaluation process, the evaluation subject, and the evaluation cost involved.