Source Authentication for IPTV System

Source Authentication for IPTV System*

Ki-Eun Shin1, and Hyoung-Kee Choi

1

1School of Information and Communication Engineering

Sungkyunkwan University, Suwon, Korea [email protected], [email protected]

Abstract. Presently, the demand for IPTV, to satisfy a variety of goals, is ex-

ploding, and IPTV is coming into the spotlight as a killer application in upcom-

ing IP convergence networks such as triple play which is the delivery of voice,

internet, and video service to a subscriber. IPTV utilizes CAS that controls sub-

scriber access to content for a profit. Although the current CAS scheme pro-

vides access control via subscriber authentication, there is no authentication

scheme for content transmitted from service providers. Thus, there is vulnera-

bility of security, through which an adversary can forge content between the

service provider and subscribers and distribute malicious content to subscribers.

In this paper, we proposed efficient and strong source authentication protocols

which remove the vulnerability of the current IPTV system, based on a hash

tree scheme. We also evaluate our protocol from the viewpoint of IPTV re-

quirements.

1 Introduction

Entertainment is big business all over the world. The annual residential cable TV

revenue and the number of subscribers are rapidly increasing. High-bandwidth IP

infrastructure is now propagating such as VDSL, FTTH, and FTTB to make it possi-

ble to provide high quality and variety services. As of September 2007, the number of

IPTV subscribers in Korea is over 650,000 and rapidly increasing [1]. IPTV services

are initially targeted by traditional telecommunication service companies (Telcos).

Eventually cable TV companies and network operators rush to the golden opportunity

presented.

IPTV provides various services so called triple play which is the delivery of voice,

Internet, video services to a customer. IPTV provides bidirectional service that im-

proves the conventional one-way service broadcasting and transfers commercial grade

SD and HD entertainment quality and on-demand video content over IP-based net-

works, while meeting all prerequisite quality of service, and quality of experience. A

subscriber utilizes channels and content that s/he wishes to enjoy. IPTV delivers di-

verse and subdivided content to meet these requirements. A service provider offers

* “This research was supported by the MKE(Ministry of Knowledge Economy), Korea, under

the ITRC(Information Technology Research Center) support program supervised by the

IITA(Institute of Information Technology Advancement)” (IITA-2008-C1090-0801-0028)

mailto:[email protected]

chargeable content at a profit. A service provider utilizes Conditional Access System

(CAS) [2][3] to control the subscriber access to content. That is, an authorized sub-

scriber could access content via subscriber authentication. For instance, a subscriber

who pays for specified content can only utilize that content.

Although current CAS provides access control via subscriber authentication, there

is no authentication scheme for the content provided by a service provider. Current

CAS provides content protection via a scrambling algorithm, a form of encryption.

The scrambling algorithm uses encryption key, CW, published to a group of autho-

rized subscribers through a regular process. Hence, any member of the authorized

subscriber group, who holds CW, can be an insider attacker. S/he can forge content

and distribute that content to subscribers by making use of an authentic CW. Thus,

there is a security vulnerability, whereby an adversary can forge content between the

service provider and subscribers and then squeeze forged content into an authentic

stream. For instance, it is possible for an adversary to forge stock quotes both profit-

ing from this and causing societal problems.

In this paper, we propose novel source authentication protocols based on a hash

tree scheme. It provides low authentication latency, resilience of packet loss and DoS

attack for a data stream such as live streaming and Video on Demand (VoD) provided

by the service provider, which solves the problem of the vulnerability of the current

CAS and provides the evidence through non-repudiation in the case of subsequent

disputes.

The remaining part of this paper is organized as follows. In Section 2, we introduce

the related work on source authentication protocol and requirements of source authen-

tication for IPTV system. Section 3 presents CAS architecture and explains important

signaling messages more detail for our protocol. In Section 4, we introduce the Merkle

tree (MT) [4] and detail our proposed protocol. In Section 5, we analyze our proposed

protocol from the viewpoint of security and performance aspects based on the IPTV

system requirements. We finally conclude this paper in Section 6.

2 Related Work

Broadcasting is an efficient way to deliver multimedia resources, such as real-time

video or stock quotes to a group of receivers rather than unicasting due to limited

network resources. Source authentication prevents not only receivers from suffering

forged resources but also a sender from denying transmitting message. Source authen-

tication has been an important topic in broadcast until now, but source authentication

for multimedia streaming is hard to solve due to communication and computation

overhead.

There have been many studies about broadcast source authentication. Park et al.

proposed SAIDA [5], to provide source authentication resilient to packet loss through

signature amortization. However, Source verification involves buffering on the receiv-

er side to reorganize the signature from the amortized signature and a high computa-

tional overhead to reorganize the signature, this results in high processing latency.

Perrig et al., proposed EMSS [6], based on signing a small number of packets in a

data stream to provide non-repudiation, high loss resistance, and low overhead. Each

packet is linked to a special packet that is signed via hash chains. On the other hand,

EMSS has high verification latency that makes it impossible to provision real time

service, a significant requirement of IPTV.

Perrig et al. introduced TESLA [7], which also provides a fast and light-weight ve-

rification scheme through hash chaining of symmetric keys and later disclosure of

those keys. However, TESLA does not provide a non-repudiation service and needs

time synchronization between a sender and receivers. The length of hash chaining is

limited due to hash collision. The sender should commit the one-way key chain and

broadcast it periodically to use TESLA with an infinite stream, such as a video stream.

Fig. 1 depicts IPTV security elements and X.805 network security layer recom-

mended from ITU-T [8]. Since there are various security threats, we focus on content

security threat such as interception, unauthorized viewing, and redistribution.

IPTV has to provide real time services such as live streaming and stock quotes.

SAIDA and EMSS could not offer real time services, due to high processing latency

which, makes subscribers wait for a moment to watch TV, and it causes authentic

packets to fail the verification process, due to forged packets squeezed into a stream.

TESLA could not offer non-repudiation service, an important factor of source authen-

tication to provide evidence of transmission in case of later disputes between a service

provider and subscribers.

3 Conditional Access System and Requirements

IPTV has security components such as DRM and CAS. DRM is access control tech-

nologies used by a publisher and other copyright holders to limit usage of digital me-

dia to protect content provider’s profit. Conversely, CAS is a system that limits digital

media to subscribed clients according to the entitlement to protect service provider’s

profit. It manages subscribers to protect service provider’s profit through granting the

entitlement to watch TV and controls these entitlements. Each service provider has

Content

provider

Optional

Service

provider

IPTV

terminal

Home

gateway

Content security threats

Su

bscrib

er security

threats

Application

security layer

Service

security layer

Infrastructure

security layer

Service security threats

Network security threats

Terminal device

security threats

X.805 Network

security layer

Fig. 1 IPTV security elements and X.805 network security layer

developed his own CAS, because until now, there has not been a CAS standard. CAS

frameworks and fundamentals are almost universal.

The CAS security component consists of scrambling and encryption for access con-

trol. CAS protects the data stream via scrambling. Fig. 2 and Fig. 3 show CAS struc-

ture and subscriber authentication respectively.

The service provider scrambles the data stream (i.e. such as video and audio), a

type of MPEG-2 Transport Stream (TS), allows only valid subscriber viewing. An

authorized subscriber can generate original TSs by descrambling the scrambled stream.

CAS makes use of a hierarchical key management scheme to provide conditional

access. There are three keys: Master Private Key (MPK), Authorization Key (AK),

and Control Word (CW). CW is a random number, used to scramble and descramble

TSs. CW is updated via frequent, encrypted broadcasts, using an AK to restrict illegal

viewing. CW is common to authorized subscribers. AK is a type of group key, used to

encrypt the CW for each subscriber. Encrypted CW is sent with an Entitlement Con-

trol Message (ECM). AK, which is encrypted with Master Private Key (MPK), is

transmitted to the subscriber with an Entitlement Management Message (EMM) via a

unicast. It consists of information such as contract information for individual receivers,

by broadcasting over a relatively long period. MPK is a secret unique key kept in

every receiver. The service provider stores MPK off-line in a smart card within each

subscriber’s Set-top Box For instance, MPK is stored when the Set-top Box is taken

from a warehouse or the subscriber installs Set-top Box through a service provider.

Two kinds of message, ECM and EMM, are transmitted to control and manage

conditional access of subscribers,. ECM is injected into TSs stream by the service

provider to offer entitlement information and to update CW and AK according to the

key update schedule. The subscriber could descramble the content, obtaining CWs and

AKs transmitted within ECM and EMM respectively.

ECM and EMM are important signaling messages enabling security and entitlement.

Thus, the service provider signs these messages via a digital signature scheme to pro-

vide integrity and authenticity. The subscriber can check the validity of these messag-

Encrypted CW Signature

Encrypted AK Signature

ECM Authentication

EMM Authentication

Signature check

Signature check

Authentication server

SAS SMS

ECM

EMM

Encryption key : AK

Encryption key : MPK

Smart card manager

Smart card

X.509 certificate

Decrypt

Decrypt

MPK

AK

Off-line key distribution

EMPK(AK)

EAK(CW)CW

Message CAS module

Service Provider Set-top bex : key manager (Smart card)

CAS

Fig. 2 Conditional access system

es through signature verification and is granted use of specified content for which s/he

pays.

CAS provides authentication scheme for ECM / EMM and for subscribers’ authori-

zation. However, there is no source authentication scheme for the stream transmitted

to subscribers. Since all subscribers could get CW, which is used to scramble stream,

a malicious subscriber, not having the right to broadcast the stream, could forge a

stream (i.e. poisoning content or illegal content distribution) and re-scramble that

stream with CW, transferring it to subscribers. Thus, IPTV is vulnerable to an attack

that forges a stream and squeezes the forged stream into an authentic stream to cause

illegal stream distribution or DoS attack. Hence, IPTV service should provide source

authentication to prevent these attacks.

A service provider who has authority to provide content could broadcast fabricated

content to harvest an illegal profit. For instance, a service provider could forge stock

prices and broadcast forged data. Accordingly, source authentication for IPTV should

provide non-repudiation service to prevent a service provider who forges content

denying what s/he sent.

A new source authentication protocol is needed to, to replace the above two proto-

cols, to meet the requirements of IPTV needs. Important factors for IPTV source

authentication are summarized below.

1. Each packet in the stream could be used as soon as it is received.

2. If there is packet loss, subscribers could verify the remaining of packets.

3. If there is a Denial of Service (DoS) attack from an adversary, subscribers could

withstand it.

4. Source authentication for IPTV has to provide a non-repudiation service not to

deny content transmission.

5. Computation and communication overhead may be low to provide flexible service,

such as broadcasts to mobile phones.

Subscriber CASCAS Authentication Request

EMM = [EMPK(AK), AP] sign

IGMP Join

Distribution Server

Transport Stream by Multicasting with

ECM = [EAK(CW), CP] sign

Certificate, Subscriber Authentication Request

Authentication OK, Certificate

Authentication OK

IGMP Leave

Update Subsriber Information

Update OK

Fig. 3 Subscriber authentication

4 The Proposed Protocol

IPTV source authentication should be efficient both to the service provider and to the

receiver to offer real-time broadcasts. The efficiency of authentication verification

process on the subscriber side, where the computing power of Set-top box is not gen-

erally powerful, is more important than generation of authentication data on the ser-

vice provider. The service provider and the subscriber have to be robust withstand a

DoS attack, to offer stable service under an attack, and provide non-repudiation ser-

vice for later disputes.

Generally, the means of authenticating a source is either a symmetric key, pre-

shared between a sender and a receiver, or a digital signature via an asymmetric key.

Symmetric key operation is faster than asymmetric key operation. However, if a sym-

metric key is applied to source authentication under group communication, a sender

and the remaining n group members should share n number of Pre Shared Keys

(PSKs) to distinguish source from group members, and the sender has to construct n

MACs (Message Authentication Codes). This is not applicable in the case of message

broadcasting because the complexities of MAC computation and communication are

O(n).

Thus, utilization of a digital signature scheme is a popular method of source au-

thentication for broadcast messages. A digital signature can provide adequate authen-

tication services that include message integrity and non-repudiation service, but it is

too expensive to generate and verify these signatures. There is high latency of verifica-

tion on the receiver side that reduces the quality of service. Hence, an IPTV service

requests efficient source authentication protocol that enables real-time broadcasting. A

naive solution is to sign a minimum number of packets with a digital signature scheme

to minimize the number of verifications.

We propose source authentication for the data stream transmitted by the service

provider that satisfies live streaming service via a modified Merkle Tree (MT). MT

generates a set of siblings for the receiver to check authenticity of transmitted packets.

Fig. 4 depicts an example of MT. The sender constructs a binary tree for 8 Ps. The

P1 P2 P3 P4 P5 P6 P7 P8

H1 H2 H3 H4 H5 H6 H7 H8

H1,2

H1,4

H3,4

root

H5,6 H7,8

H5,8

Fig. 4 Structure of Merkle tree

output via the hash function of Ps, becomes the leaf node of a MT. Each internal node

is the hash value for concatenation of its right and left children. MT is constructed via

these iterated processes. The root of MT has to sign via a digital signature scheme to

provide source authentication for transmitted packets. When the packet is transmitted,

the packet, the corresponding siblings and signature of root are transmitted together.

For instance, The sibling set for P3 is {H4, H1,2, H5,8}, a gray circle in Fig. 4. Thus, P3,

corresponding set of siblings, and a signature of root will be delivered together and the

root can be recovered as root = H((H1,2, (H(P3), H4)), H5,8). The receiver can verify

the packet by checking a signature of root. Once the root of tree is authenticated, the

remaining packets of the corresponding tree that construct a MT can be verified

through comparison of the root constructed via light operations such as hash with

authenticated root.

MT could provide source authentication in case of packet loss due to set of siblings

and signature of root that transmitted with packet. Thus, the receiver does not have to

buffer the transmitted packets to verify authenticity. This property provides resilience

to DoS and pollution attacks. The receiver could check the authenticity of transmitted

packets as soon as they are received. MT is suitable to authenticate a real-time broad-

casting service, such as IPTV. The communication overhead per packet of the MT

scheme is high due to siblings and signatures. Thus, we need to modify MT to offer

low communication overhead and fast authentication latency.

We utilize the MT scheme to provide source authentication for live streaming and

modify the transmission of the set of siblings and signature of the root, due to high

communication and computation overheads. As mentioned in Section 3, ECM and

EMM, called CAS messages, are signed by the service provider to authenticate their

sources. Thus, if a root of MT is included in those packets and is signed together, we

need only one signing process to both the CAS messages and the root. The signature

of MT transmitted together with each transmitted packet in the original MT scheme is

not included in each packet due to high communication overhead. Instead, the CAS

message will include the root of MT and the signature of the modified CAS message.

Each data stream packet (TS) will include the set of siblings as well. That is, we do

Full Binary Merkle Tree

ECM2TS1 W1 ...

H(root)

ECM Payload H(root) Signature

aa

ECM1 TS2 W2 TS3 W3 TSn Wn TS1 W1 ...

TSi : MPEG2 transport stream

Wi : Set of TSi’s siblings

Signature : Signature of ECM

Payload and H(root)

Fig. 5 Stream of proposed protocol

not need an additional signing process on the sender side and signature verification

process on the receiver side, and communication overhead will reduce slightly.

The ECM transmission period is shorter than that of EMM. Hence, it is suitable for

the service provider to sign ECM to authenticate TSs and to reduce communication

overhead. The current commercial IPTV system in Korea utilizes a 0.1 sec transmis-

sion period for ECM. A subscriber who wants to join the service has to wait for ECM

to get CW, because there might be ECM packet loss. Generally, people are impatient

to wait for some time to watch TV.

The sender constructs MT with leaf nodes that are hashes of TSs and signs the root

of MT with ECM to authenticate the MT root. The constructed root is a representative

value of TSs. That is, the equivalent effect of signing each TS is achieved by signing

the root. The service provider concatenates the set of siblings of the nodes along the

path from the TS to the root, with the corresponding TS, and transmits these generated

packets with TS. Fig. 5 depicts the stream of the proposed protocol and Wi is the set of

siblings that corresponds to the TSi. TSs with the corresponding set of siblings and

ECMs are transmitted to the subscriber. For instance, If there is 8 TSs between ECM1

and ECM2, W1 will be {H2, H3,4, H5,8}.

First, the receiver checks the signature included in ECM to authenticate ECM.

Then, the receiver can check whether these TSs are valid, comparing the root deli-

vered via ECM with the root generated by the receiver. If those TSs are not valid, the

receiver may discard those packets without buffering.

Hence, there is one signature verification for one tree and some hash operation to

verify the transmitted TSs. Fig. 6 shows live streaming of proposed protocol. The

notion of tree(mi) stands for time of construction MT, corresponding to stream of mi.

After the construction and signing process, the stream starts transmitting to subscribers.

time

period ECM

m1 packets

m1 packets m2 packets

tree(m1) + sign tree(m2) + sign

period ECM

Fig. 6 Live streaming flow

5 Security and Performance Analysis

5.1 Authentication Latency

Generally, block-based source authentication, which reduces the number of signature

verification operations at each receiver, should collect entire packets of the block to

verify source of packets before the verification process. Thus, authentication latency is

very high. (m, n) coding protocol such as SAIDA [5] should collect more than n pack-

ets to verify source of packets.

However, our protocol provides short authentication latency, comparing the root of

hash tree, delivered with the ECM signed by a service provider with a root calculated

via a hash operation. There is no additional signature verification process, because we

utilize the ECM signing process of current CAS. Therefore, the subscriber could veri-

fy the source of the multimedia data stream via computationally light hash operations.

We simulate to evaluate the additional delay at both sender and receiver sides to

provide IPTV source authentication. The simulation program is written in C and runs

on a 1.6 GHz Pentium Dual Core Linux PC, with a XySSL 0.9 cryptography library

[9]. MD5-128 is used for the hash function and RSA with 1024 bits key is used as the

digital signature scheme. Table 1 and Table 2 depict processing delay and number of

operations to generate authenticated packets and to verify those packets according to

the bit rate of stream, respectively. Our protocol provides short authentication latency

at the receiver side. On the other hand, there is slight latency to generate MT. Howev-

er, it is possible to reduce latency at the sender side, because CAS is more powerful

than the Set-top box. ITU-T Recommendation, Y.1540 and Y.1541 [10] provide QoS

parameters such as IP Packet Transfer Delay (IPTD), IP Packet Delay Variation

(IPDV), IP Packet Loss Ratio (IPLR) and IP Packet Error Ratio (IPER) and 5 QoS

classes. We could be sure if our protocol is suitable for IPTV service, because our

Table 1 Number of operation and processing delay on sender side

Stream Hash (188Bytes) Hash (32Bytes) Concatenation Delay (ms)

5Mbps 256 255 255 0.55

10Mbps 512 511 511 1.1121

20Mbps 1024 1023 1023 2.2217

Table 2 Number of operation and processing delay on receiver side

Stream Hash (188Bytes) Hash (32Bytes) Concatenation Delay (s)

5Mbps 1 8 8

10Mbps 1 9 9 1.1121

20Mbps 1 10 10 2.2217

propose protocol affects only IPTD. IPTD of class 4 (Multimedia service) is 1 sec,

and the additional delay to process source authentication (i.e. processing delay on

sender side and receiver side) is so short that QoS of IPTV cannot be influenced by

additional delay.

5.2 Resilience to Packet Loss

Source authentication via block-based authentication or hash chaining scheme has

correlations between packets. Hence, if there is packet loss, the remainder of the

packet, which consists of the entire block or chain, might be affected. However, our

protocol eliminates correlation between packets, and transmits packets with a set of

siblings so that the receiver could generate the root with which it is used to compare

the authentic root within ECM and verify authenticity of packets regardless of packet

loss. In spite of these characteristic of our protocol, if ECM is lost, it is impossible to

authenticate packets that consist of the corresponding tree. We do not consider this

situation in our protocol, because of current CAS characteristics that could not de-

scramble the multi-media stream without CW transmitted within ECM.

5.3 DoS Resilience

It is possible for an adversary to transmit a forged message (or randomly generated

message) to a subscriber and cause a victim to disturb in his/her verification process

and to increase computational overhead at the receiver side.

In the case of source authentication via a hash chaining scheme, an adversary can

mix forged packets without block signature so that the buffer of that victim might

overflow due to packet buffering until arrival of the block signature

Our protocol utilizes MT to authenticate a set of packets and filters transmitted

packets from an adversary via a comparing process between a root of the tree within

ECM and a root calculated by a packet and a set of siblings.

5.4 Non-repudiation

The service provider could not deny that s/he sent packets to receivers, because of the

digital signature of a set of packets. If there is a dispute between a service provider

and receivers after transmission, the non-repudiation service could provide legal evi-

dence of packets sent.

5.5 Computation Overhead

Computation overhead can be divided into two aspects, sender side (service provider)

and receiver side (subscriber). A sender needs O(nlogn) hash operations to generate

Merkel tree, and does not need additional signing process of root. We utilize this

scheme to sign ECM and a root of MT, because current CAS does sign ECM. Gener-

ally, the service provider’s server is a powerful machine to multiplex and scramble the

data stream. Thus, our focus is to reduce computation overhead and authentication

latency at the receiver side. Conversely, a receiver first verifies signature of ECM that

contains root of MT and verifies source of a packet via O(logn) hash operations to

compare the computed root with the authenticated root.

5.6 Communication Overhead

The number of siblings transmitted with TS is O(logn). Variable n is determined by

the ECM transmission period and bit-rate of multimedia stream. It is possible to utilize

of a portion of the hash output to reduce communication overhead of the proposed

protocol. The security strength of hash output relies on the hash output size, to reduce

hash output size, could be vulnerable to a brute force attack. Thus, the service provid-

er has to decide hash output size according to the situation. An adversary can forge TS

by finding an equivalent hash output with an authentic one after receiving TS prior to

transmitting the authentic TS to subscribers. We have to choose a proper hash output

size which makes it impossible for an adversary to find the equivalent hash output, to

prevent this kind of attack. That is, the service provider should make it impossible for

an adversary to find an equivalent hash output within 1/2 of maximum RTT (Round-

Trip Time) of IPTV service. Table 3 shows the average time to find the equivalent

hash output according to the hash output size. The relationship of hash output size and

security strength is a trade-off. A system administrator should adjust an appropriate

hash output size according to data stream importance.

6 Conclusion

We proposed source authentication protocols for IP-TV system. Until now, to the best

of our knowledge, there has not been a source authentication protocol for IPTV, Up to

now, most proposed IPTV protocols are not for the subscribers but are to protect

profits for the service provider and content providers. We propose a scheme to

achieve subscriber rights to enjoy an authentic content via source authentication of the

transmitted stream and to offer legal evidence for any subsequent disputes between the

service provider and subscribers. Our proposed protocol is very efficient to both the

service provider and receivers, especially on the receiver side, which provides low

authentication latency suitable for live streaming service, because there is no addition-

Table 3 Number of hash operation and average time to find eqivalence

Operation Hash output (8bit) Hash output(16bit) Hash output (32bit)

Number of Operation 256 65536 4294967296

Time (s) 0.00067 0.17391 3.16595

al signing and verification process. It also offers QoS for the content, due to packet

loss tolerance and prevents the subscribers from suffering DoS attack.

Despite of these advantages, our protocol has a drawback. As we mentioned in Sec-

tion 5, the communication overhead of our protocol is slightly higher because of the

set of siblings transmitted with packets. Because the relationship between the hash

output size and the security strength of hash function is trade-off, the service provider

has to choose an adequate hash output size according to their situation and content

importance.

References

1. Won. Young J. et al., “End-user IPTV traffic measurement of residential of broadband

access networks,” Proc. of IEEE NOMS Workshops 2008, Apr. 2008, pp. 95-100

2. T. Yoshimura, “Conditional access system for digital broadcasting in Japan,” Proc. of IEEE,

Jan. 2006, pp. 318-322

3. B. Lu et al., “A scalable key distribution for conditional access system in digital pay-tv sys-

tem,” IEEE Trans. On Consumer Electronics, May. 2004, pp. 632-637

4. R. C. Merkle, “A digital signature based on a conventional encryption function,” Advances

in Cryptography, CRYPTO’87, 1987, pp.369-378

5. J. M. Park et al., “Efficient multicast packet authentication using signature amortization,”

Proc. IEEE Symp. Security and Privacy, May 2002, pp. 227-240

6. A. Perrig et al., “Efficient authentication and signing of multicast streams over lossy chan-

nels,” Proc. IEEE Symp. Security and Privacy, May 2000, pp. 56-73

7. A. Perrig et al., “Efficient and secure source authentication for multicast,” Net. and Distrib.

Sys. Sec. Symp., Feb. 2001, pp. 35-46

8. ITU-T, “Security architecture for systems providing end-to-end communications,” ITU-T

Rec. X.805, 2003

9. XySSL Project, http://www.xyssl.org

10. Neal Seitz, “ITU-T QoS Standards for IP-Based Networks,” IEEE Communications Maga-

zine, Jun. 2003, pp. 82-89

http://www.xyssl.org/

Source Authentication for IPTV System

Technology

Transcript of Source Authentication for IPTV System