To prohibit the unauthorized accesses on premium contents of the Pay-TV system, a conditional access system (CAS) scrambles the contents with a scrambling key. In order to securely send the scrambling key for descrambling, the CAS transmits the scrambling key after encrypting it with another encryption key. The encryption keys are generally transmitted by entitlement management message (EMM). In this paper, we propose a two-level user key management scheme for the IP CAS used in the IPTV system. A user key for every subscriber is subdivided into permanent subscriber key (SK) and updatable user key (UK). The SK is used to obtain the UK by an authentication protocol. According to the authentication protocol, the authentication server requests the results of cryptographic operations to the authentication client to verify the authentication client. The UK is used to encrypt the next encryption key. The proposed scheme strengthens the security of the IP CAS because the use of the UK for the EMMs enables the lifetime of the SK to be infinite and the replacement of the smartcard to be eliminated. In addition, the IP CAS adopts Java card instead of Smart card because Java card applets are able to be dynamically reloaded.
REFERENCES
[1] http://www.ebu.ch/en/technical/trev/trev_266-ca.pdf
[2]http://ir.lib.ncku.edu.tw/bitstream/987654321/98772/1/4010101801027.pdf
[3]http://dsns.csie.nctu.edu.tw/ssp/Meeting/27.Practical%20Key%20Distribution%20Schemes%20for%20Pay%20TV%20Channel%20Protection.pdf
