DOWNLOADABLE SECURITY DISCUSSION · Content Key encryption and renewal Local PVR...
1 Copyright 2015 Broadcom Corporation. All rights reserved.
DOWNLOADABLE SECURITY DISCUSSION
Bryant Tan May 2015
TRADITIONAL VIDEO PROTECTION
[Figure: connected digital home (IEEE 1905.1) carrying content/data/voice. Devices shown: Cable (Client) STB, IP (Client) STB, OTT / Media Player, HDTV, xDSL Gateway, Tablet, Smart Phone, Cable Gateway, DBS STB, Portable DVR, PC, VoIP Gateway. Stages shown: Content Delivery, Content Decoding, Display (4K Video).]
• Content Protection
• Platform Security
• CA/DRM descrambling
• Local PVR encryption/decryption
• CableCard/smartcard
• HDCP1.4 for HDMI1.4
• DTCP-IP for DLNA
• HDCP2.x for Miracast
CONDITIONAL ACCESS
ARRIS Cisco CableCard JCAS/KLAD DTA/UDTA/HD-DTA EchoStar DIRECTV Cisco/NDS Nagra/Conax Irdeto Viaccess Verimatrix Latens Secure Media
DIGITAL RIGHTS MANAGEMENT/DRM
Ericsson Mediaroom Widevine Microsoft PlayReady (WMDRM Portable and Network Device) DivX Marlin/Intertrust Netflix VUDU Amazon Adobe Pro:Idiom Tivo Rhapsody YouView CinemaNow Pandora Internet Radio Hulu ViewRight Web
COPY PROTECTION
Other Copy Protection System: DVB-CI DVB-CI+ CSS for legacy DVD CPPM/CPRM HDCP DTCP DTCP-IP
Analog Copy Protection: Macrovision Dwight Cavendish Systems (DCS) CGMS-A
MOVIELABS 1.1 SPECIFICATION
Anti-Clone
• Unique non-modifiable Hardware IDs/Keys per part
Content Protection
• Conditional Access (CA) Descrambling
• Secure Key Path
• Content Key encryption and renewal
• Local PVR encryption/decryption
• Watermarking and fingerprinting tracing
• Secure Video Path
• Memory Protection
Platform Protection
• Bootloader verification and Software Chain of Trust
• Debug Interfaces Protection
• Countermeasures for Side Channel Attacks
• Trusted Execution Environment/TEE (Security Processor, TPM, TrustZone)
MOVIELABS 1.1 SPECIFICATION (CONT)
Digital Output and Link Protection
• HDCP1.4/HDCP2.2 for HDMI1.4/HDMI2.0
• DTCP-IP for DLNA
• HDCP2.x for Miracast
• Different schemes from DRM and CA vendors
Gateway/Terminal to Terminal Protection
• SSL/TLS
Breach Response
• Intrusion Detection
• Software Revocation and Renewal
Certification/Robustness Rules
• Common Security Method/Standard/Implementation Liability
HIGH LEVEL SECURITY MODULES
TEE CPU
1) Non-Modifiable information
2) Root Key Derivation
3) Crypto Accelerators
4) 3rd Party Crypto Hardware
5) Secure Boot
6) Debug Interfaces Protection
7) Secure Key Path
8) Secure Video Path
9) Watermarking
10) Countermeasures
Other blocks in the diagram:
• Intrusion Detection
• Host CPU
• Local Encryption/Decryption
• Conditional Access
• Descrambler
• Memory Protection
• HDMI Transmitter (HDCP key protection)
• External Memory
BLACK BOX/UNIQUE KEY PROVISION SYSTEM
[Figure labels: BLACK BOX, SECURED CAGE, (PRIVATE NETWORK), AUTOMATED TEST EQUIPMENT (x4), HW/SW NIC (x4)]
The black box is kept physically secure, with controlled and accountable access to the room/cage in which it resides.
COUNTERMEASURES FOR SIDE CHANNEL ATTACKS
Side Channel Attacks: rather than brute-force attacks, these are attacks based on information gained from the physical implementation of a cryptosystem.
• Timing Attacks: attacks based on measuring how much time various computations take to perform
• Glitch Attacks: Voltage, Frequency, ...
• Power Analysis Attacks: Simple Power Analysis (SPA), Differential Power Analysis (DPA)
• Electromagnetic Analysis Attacks: Simple Electromagnetic Analysis (SEMA), Differential Electromagnetic Analysis (DEMA)
SOFTWARE/FIRMWARE VERIFICATION
• Bootloader Verification/Decryption
• Loader Verification/Decryption
• Kernel/Rootfs Verification/Decryption
• TEE Software/Firmware Verification/Decryption, Renewability and Revocation
• Decoder Firmwares Verification/Decryption, Renewability and Revocation
• System Root of Trust
• RSA Public Key Chain or X509 Certificates
• Secure Bootrom or Security Processor
COMMON SOFTWARE API FOR DOWNLOADABLE SECURITY MODULE
• Downloadable Security Software Module: a security module driver/application that filters License Information (e.g. EMM/ECM) and converts the License Information into key ladder information
• Each CA/DRM vendor can download its own Security SW Module, after it passes the RSA signature verification
• A set of common Software APIs and a configuration file need to be defined in the loader SW so that Security SW Modules can be downloaded
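The loader-side check implied by the software/firmware verification and downloadable security module slides, as an added example that is not from the original deck or from Broadcom: a two-link RSA key chain in which the root key endorses a vendor key and the vendor key signs the module image. The function names, the key serialisation and the toy Mersenne-prime keys are assumptions made for illustration; it needs Python 3.8 or later.

```python
import hashlib

# Constructed toy keys from Mersenne primes: trivially factorable, so they
# illustrate the checks only and must never serve as a real root of trust.
ROOT_PRIMES = (2**521 - 1, 2**607 - 1)       # stands in for the bootrom key
VENDOR_PRIMES = (2**1279 - 1, 2**2203 - 1)   # stands in for a CA/DRM vendor key
E = 65537
DIGESTINFO = bytes.fromhex("3031300d060960864801650304020105000420")  # SHA-256

def make_key(primes):
    """Return (public key (n, e), private exponent d)."""
    p, q = primes
    return (p * q, E), pow(E, -1, (p - 1) * (q - 1))

def encode(msg, n):
    """EMSA-PKCS1-v1_5 encoding of SHA-256(msg) as an integer."""
    t = DIGESTINFO + hashlib.sha256(msg).digest()
    k = (n.bit_length() + 7) // 8
    em = b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t
    return int.from_bytes(em, "big")

def sign(msg, pub, d):
    return pow(encode(msg, pub[0]), d, pub[0])

def verify(msg, sig, pub):
    # Compare with a freshly built encoding; lenient padding parsers allow forgeries.
    n, e = pub
    return 0 < sig < n and pow(sig, e, n) == encode(msg, n)

def key_blob(pub):
    """Serialise a public key so the root can sign it (the key chain)."""
    n, e = pub
    return n.to_bytes((n.bit_length() + 7) // 8, "big") + e.to_bytes(4, "big")

def load_module(root_pub, vendor_pub, vendor_key_sig, image, image_sig):
    """Loader policy: hand back the image only if both chain links verify."""
    if not verify(key_blob(vendor_pub), vendor_key_sig, root_pub):
        return None  # vendor key is not endorsed by the root of trust
    if not verify(image, image_sig, vendor_pub):
        return None  # image was not signed by the endorsed vendor key
    return image

def demo():
    root_pub, root_d = make_key(ROOT_PRIMES)
    ven_pub, ven_d = make_key(VENDOR_PRIMES)
    args = (root_pub, ven_pub, sign(key_blob(ven_pub), root_pub, root_d))
    image = b"constructed security module image v1"
    sig = sign(image, ven_pub, ven_d)
    return load_module(*args, image, sig), load_module(*args, image + b"!", sig)
```

`demo()` returns the genuine image for the first load and `None` for the tampered one; a vendor key that is signed by anything other than the root fails at the first check, before the image is even examined.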
General overview of the different approaches for providing secure processing on SOC’s – TEE, Root of Trust, etc.
General overview of the partitioning between hardware and software for security functions
General overview of how secure areas are ‘partitioned’ so that secrets for different services are kept separate or managed
General overview of the types of threats that are being addressed and any specific threats out of scope
General overview of security testing techniques, weak links, etc
General overview of manufacturing considerations and platform requirements for the security elements
Thoughts on the security risk associated with using a common security method/standard for a broad range of uses
The challenges associated with supporting secure downloading of software security functionality
Specific adaptations made for secure processing of MVPD content – compare and contrast any differing requirements for each MVPD vertical
Specific adaptations made for secure processing of OTT content
General thoughts on the necessary business relationships needed for securing content, division of liability, etc.
Relevant specifications, standards, certifications, IPR, licenses, etc.
Q & A