1

Conditional Access Systems

(CA) in MPEG-2/DVB
2
Contents

Conditional Access-CA

Common Interface-CI
3
Conditional Access-CA
4
Conditional Access System
The primary purpose of a CA system for
broadcasting is to determine which individual
receivers/ set-top decoders shall be able to deliver
particular programme services, or individual
programmes, to the viewers.

5
Main parts of the CAS in
Transmission Side.
1.Scrambler.

2.Encrypter.

3.Subscriber Authorization System (SAS).

4.Subscriber Management System (SMS).

5.Control Word Generator.


6
Scrambler
The method of continually changing the
form of the broadcast signal so that,
without a suitable decoder and
electronic key, the signal is
unintelligible.

7
Encryption.
The method of processing the
continuallychanging electronic keys
needed to descramble the broadcast
signals, so that they can be securely
conveyed to the authorized users, either
over-the-air or on smart cards.

8
Subscriber Authorization
System (SAS)

The centre responsible for organizing,
sequencing and delivering EMM and
ECM data streams under direction from
the Subscriber Management System.

9
Subscriber Management
System (SMS)
The business centre which issues the smart
cards, sends out bills and receives payments
from subscribers. An important resource of the
Subscriber Management System is a database of
information about the subscribers, the serial
numbers of the decoders and information about
the services to which they have subscribed. In
commercial terms, this information is highly
sensitive.

10
Main parts of the CAS in
Receiving Side.(Settop Box)
Descrambler.
Decrypter.
Smart Card.
Embedded Modem In Settop Box
11
Descrambler.
The process of undoing the scrambling to
yield intelligible pictures, sound and data services.
12
Decrypter.
The method of decoding the ECM and EMM from
the broadcast signal to enable the Video,Audio
and Data to the Authorized Subscriber through the
Authorized Settop Box and Smart Card.
13
Smart Card.
It is used as a token of entitlement to descramble broadcast
signals.. Smart cards can be issued by the Subscriber
Management System which can validate them by
pre-programming them with keys to authorize access to
certain tiers of programmes and/or data services. As part of
the same issuing and validation process, the card may be
personalised to make each one valid for one particular
decoder only
14
Typical SMART CARD
15

Embedded Modem In Set top Box
Embedded Modem in Settop Box is
used to send the Message of Impulse
Pay Per View channel selected from the
EPG in the STB and send to the
Broadcaster SMS system to activate the
customer requested IPPV channels to
Individual Settop Box.
16
CA Mechanisms
Control_Word is used to initialize the
Descrambling sequence.
Service-Key is used to scramble the
control word for a group of one or more
users.
User_Key is used for scrambling the
service key.

17

Main Components of
Scrambling and Descrambling.

Entitlement Management
Message(EMM).

Entitlement Control Message(ECM).


18
Eentitlement Management
Message(EMM).
A message authorizing a viewer to descramble a service.
An EMM is a specific component of the electronic key
signal and over-the-air addressing information. The EMMs
are used to switch individual decoders, or groups of
decoders, on or off and are transmitted over-air in
encrypted form.
EMM are a function of the service _key and user-key
and are transmitted approx every 10 sec.
19
Entitlement Control
Message(ECM).
A cryptogram of the control word and the access conditions.
An ECM is a specific component of the electronic key signal
and over-the-air addressing information. The ECMs are
used to control the descrambler and are transmitted over-air
in encrypted form
ECM are a function of a control_word and the
service_key and are transmitted approx every 2 sec.

20
Schematic of ECM & EMM generation
process.
Encryption
Control_words
ECM
EMM
User_key. Service_key.
21
Block Diagram of ECM , EMM Generator
IRD/STB
ECMG
EMMG
Head-end
(encoder,
MUX)
SAS
SMS
Return Path
SAS Subscriber Authorization System ECMG ECM Generator
SMS Subscriber Management System EMMG EMM Generator
Modem
Up-link
Down-Link
22
ECM & EMM found in the Transport
Stream.
PID M Video 3 PID 0 ECM-3 EMM-2 Audio 3 PID 1 Video 3 EMM-1
Prog 3 Prog 3
CA System-1
CA System-2
PAT
Sections
PMT Sections
CA Sections
Transport Stream
PID
Audio
Video
ECM
PCR
PID M
23
ECM, EMM Section.
ECM_or_EMM_section() {
Table_id 1 byte 0x80 to 0x8F
section_syntax_indicator 1 bit 0 in ECM & EMM
case
DVB_reserved 1 bits 1
ISO_reserved 2 bits 11
CA_section_length 12 bits
CA_data_bytes n bytes (CAS proprietary
format)
}
ECM table_id: 0x80 and 0x81 alternatively
used as for toggle bit, signalling ECM content change
EMM table_id: 0x82 to 0x8F
24

Scrambling and access control
General mechanism
Scrambler
Decrambler
Multiplexer
CW
generation
ECM
generation
EMM
generation
De-multiplexer
Clear Services
& data
CW
CW
Customer Set Top Box
Service Key
User Key
Control Word
Service Key
S.A.S
ECM=f(Control_Word, Service_Key)
EMM=f(Service_Key, User_Key)
Scrambled
services
+ EMMs
+ ECMs
Service Key
Descrambler
User Key
EMMs
EMMs User Key
Control Word
Descrambler
Service
Key
ECMs
Broadcasting Center
25
Block Diagram Of Scrambling & Descrambling System.
Modem Modem
26
Leading CA Manufacturers
NDS
CONAX
CRYPTOWORKS
NAGARAVISION
CANAL+
Viaccess
27
Common Interface-CI
28
Common Interface CI
To decode encrypted Programmes, you need a subscription
to the appropriate broadcaster along with hardware that
enables you to use the decryption card (smart card) sent to
you by the broadcaster. The first piece of hardware is the
Common Interface (CI), which is connected directly to the
DVB card. A Conditional Access Module (CAM) is inserted
into the CI, and the CAM is used to house the smartcard
itself. Unfortunately it is easy to get these names confused.
Again and again Conditional Access Modules are referred to
as CI modules - which can be confusing, since CIs
themselves can also be designed in the form of pluggable
modules for example, the Siemens DVB-C module).

29
Types of CI
Simulcrypt: A technique allows access to service
(program) by multiple CA systems at transmitter.
This typically requires a common scrambling
algorithm.
Multicrypt: systems. This typically requires that all
CA functions (including descrambling) are contained
in a detachable module. This is done by means of a
standardized interface such as Common Interface
in DVB. (DVB-CI, EN50221; Extension,TS 101

30
CA Standards
DVB-CSA (Common Scrambling
Algorithm)

DVB-SIM (SimulCrypt)

DVB-CI (Common Interface)

31
32
CI Hardware
CI PCMCIA Slot
CI Module
33
Leading CI Manufacturers
SCM Microsystems
NOKIA
Iredito
Nagaravision
CONAX

34
Thank You