DOWNLOADABLE SECURITY DISCUSSION · Content Key encryption and renewal Local PVR...

1 Copyright 2015 Broadcom Corporation. All rights reserved.

DOWNLOADABLE SECURITY DISCUSSION

Bryant Tan May 2015


TRADITIONAL VIDEO PROTECTION

Cable (Client) STB

IP (Client) STB

OTT / Media Player

HDTV

xDSL Gateway

Tablet Smart Phone

Cable Gateway

xDSL

DBS STB

Portable DVR

PC

VoIP Gateway

C O N N E C T E D D I G I TA L H O M E

IEEE 1905.1

Cable (Cl

Por

Content Delivery

DBS STB

CG

DDBS STBD

Content Decoding B

B

VRDisplay 4K Video 4K Video

•  Content Protection

Cable

•  Platform Security •  CA/DRM descrambling •  Local PVR encryption/

decryption •  CableCard/smartcard

ent) B

layer

B

•  HDCP /1.4 for HDMI1.4 •  DTCP-IP for DLNA •  HDCP2.x for Miracast

Content/ Data/ Voice


CONDITIONAL ACCESS

  ARRIS   Cisco   CableCard   JCAS/KLAD   DTA/UDTA/HD-DTA   EchoStar   DIRECTV   Cisco/NDS   Nagra/Conax   Irdeto   Viaccess   Verimatrix   Latens   Secure Media


DIGITAL RIGHTS MANAGEMENT/DRM

  Ericsson Mediaroom   Widevine   Microsoft PlayReady (WMDRM Portable and Network Device)   DivX   Marlin/Intertrust   Netflix   VUDU   Amazon   Adobe   Pro:Idiom   Tivo   Rhapsody   YouView   CinemaNow   Pandora Internet Radio   Hulu   ViewRight Web


COPY PROTECTION

  Other Copy Protection System:   DVB-CI   DVB-CI+   CSS for legacy DVD   CPPM/CPRM   HDCP   DTCP   DTCP-IP

  Analog Copy Protection:   Macrovision   Dwight Cavendish Systems (DCS)   CGMS-A


MOVIELABS 1.1 SPECIFICATION

 Anti-Clone   Unique non-modifiable Hardware IDs/Keys per part

 Content Protection   Conditional Access (CA) Descrambling   Secure Key Path   Content Key encryption and renewal   Local PVR encryption/decryption   Watermarking and fingerprinting tracing   Secure Video Path   Memory Protection

 Platform Protection   Bootloader verification and Software Chain of Trust   Debug Interfaces Protection   Countermeasures for Side Channel Attacks   Trusted Execution Environment/TEE (Security Processor, TPM, TrustZone)


MOVIELABS 1.1 SPECIFICATION (CONT)

 Digital Output and Link Protection   HDCP1.4/HDCP2.2 for HDMI1.4/HDMI2.0   DTCP-IP for DLNA   HDCP2.x for Miracast   Different schemes from DRM and CA vendors

 Gateway/Terminal to Terminal Protection   SSL/TLS

  Breach Response   Intrusion Detection   Software Revocation and Renewal

 Certification/Robustness Rules   Common Security Method/Standard/Implementation   Liability


HIGH LEVEL SECURITY MODULES

TEE CPU 1) Non-Modifiable information

2) Root Key Derivation 3) Crypto Accelerators

4) 3rd Party Crypto Hardware 5) Secure Boot

6) Debug Interfaces Protection 7) Secure Key Path

8) Secure Video Path 9) Watermarking

10) Countermeasures

Intrusion Detection

Host CPU

Local Encryption/Decryption

Conditional Access

Descrambler

Memory Protection

HDMI Transmitter

(HDCP key protection)

External

Memory


BLACK BOX

SECURED CAGE

AUTOMATED TEST EQUIPMENT




(PRIVATE NETWORK)

HW/SW NIC

The black box is kept physically secure, with controlled and accountable access to the room/cage in which it resides

HW/SW NIC

HW/SW NIC

HW/SW NIC

BLACK BOX/UNIQUE KEY PROVISION SYSTEM


COUNTERMEASURES FOR SIDE CHANNEL ATTACKS

  Side Channel Attacks   Rather than Brute Force attack, these are attacks based on information gained from the physical implementation of a cryptosystem.

  Timing Attack   attacks based on measuring how much time various computations take to perform

  Glitch Attacks   Voltage, Frequency, .

  Power Analysis Attacks   Simple Power Analysis (SPA)   Differential Power Analysis (DPA)

  Electromagnetic Analysis Attacks   Simple Electromagnetic Analysis (SEMA)   Differential Electromagnetic Analysis (DEMA)

 


 Bootloader Verification/Decryption   Loader Verification/Decryption   Kernel/Rootfs Verification/Decryption

 TEE Software/Firmware Verification/Decryption, Renewability and Revocation  Decoder Firmwares Verification/Decryption, Renewability and Revocation  System Root of Trust  RSA Public Key Chain or X509 Certificates   Secure Bootrom or Security Processor

SOFTWARE/FIRMWARE VERIFICATION


COMMON SOFTWARE API FOR DOWNLOADABLE SECURITY MODULE

 Downloadable Security Software Module (security module driver/application to filter License Information (for eg EMM/ECM) and convert License Information into Key ladder information  Each CA/DRM vendor can download its own Security SW Module, after passing the RSA signature verification.  Need to define a set of common Software APIs and configuration file in loader SW so that we can download Security SW Module


  General overview of the different approaches for providing secure processing on SOC’s – TEE, Root of Trust, etc.

  General overview of the partitioning between hardware and software for security functions

  General overview of how secure areas are ‘partitioned’ so that secrets for different services are kept separate or managed

  General overview of the types of threats that are being addressed and any specific threats out of scope

  General overview of security testing techniques, weak links, etc

  General overview of manufacturing considerations and platform requirements for the security elements

  Thoughts on the security risk associated with using a common security method/standard for a broad range of uses

  The challenges associated with supporting secure downloading of software security functionality

  Specific adaptations made for secure processing of MVPD content – compare and contrast any differing requirements for each MVPD vertical

  Specific adaptations made for secure processing of OTT content

  General thoughts on the necessary business relationships needed for securing content, division of liability, etc.

  Relevant specifications, standards, certifications, IPR, licenses, etc.

Q & A

DOWNLOADABLE SECURITY DISCUSSION · Content Key encryption and renewal Local PVR...

Documents

Transcript of DOWNLOADABLE SECURITY DISCUSSION · Content Key encryption and renewal Local PVR...