How to Harden CA and Become Less Insecure
With confidence in conditional access (CA) technology on the wane after publicized exposures of satellite TV smart cards, one vendor is touting an approach that promises to protect existing CA.
The technology could even revive the cable industry’s stalled efforts to craft a common downloadable CA system (DCAS).
Star hacker
Exhibit A for smart card vulnerability is a June 2008 Wired.com conversation with celebrated hacker Chris Tarnovsky.
A figure in a corporate espionage lawsuit between News Corp. subsidiary NDS and Dish Network (formerly Echostar Communications) that erupted last April and May, Tarnovsky had remained for several years on the News Corp. payroll after building a device called a "stinger" that could communicate with any smart card, Echostar’s included.
The Wired interview of Tarnovsky, who founded Flylogic Engineering in April 2007 to perform hardware and software security analysis of semiconductors, took place in his San Diego laboratory.
Posted on YouTube, the video shows Tarnovsky using common acids to expose the card’s circuitry, scratching a tiny hole within the chip’s data bus region, "listening" to sequential samples of the device’s eight-bit bus and then describing further possible interactions with it.
"I could actually send a management message, for example, into the chip, and eavesdrop everything the chip did to decrypt the message," Tarnovsky said.
Cable (in)security
Few technologists in the cable industry frequent the kinds of spy-vs-spy infosec (information security) gatherings that feature speakers such as Tarnovsky, but secure CA is as valuable to cable as it is to direct broadcast satellite (DBS).
Comcast’s $1 billion set-top agreement with Motorola in 2005, which included provisions to collaborate on and even license Motorola’s MediaCipher CA, is a case in point. The $50 million (or more) that Comcast, Time Warner Cable and Cox sunk into the PolyCipher DCAS initiative is another.
While cost structures appear to have sunk PolyCipher (see "Whatever Happened to DCAS?" CT June 2008), there remains the question of how actually to tighten security, a matter made more urgent by the arrival of low-cost digital terminal adapters (DTAs), also known as digital-to-analog adapters, and by expanding home networks.
Comcast has to date selected three suppliers of DTAs: Motorola, Pace and Thomson. Obtaining the right to use Motorola’s Privacy Mode CA was part of the drill of designing these boxes, according to one (non-Motorola) vendor, who said Comcast’s Conditional Access Licensing (CAL) fee amounted to a couple of hundred thousand dollars.
The question is whether Privacy Mode (should Comcast decide to activate it through firmware downloads) still renders a DTA vulnerable to compromise.
Absolutely, according to Zultan Costin, manager of North American market development for Irdeto Access. "What you have is a public storage space, where you store your security code. You have a public RAM space, where all your apps are running. And some embedded serial numbers on the chip on what you’re encoding. That’s it!"
Obfuscation engine
When considering a security solution for the DTA, Costin said his team initially thought it was "not possible, (that) it’s way too exposed."
What changed their mind was input from new colleagues at Cloakware, a business that Irdeto acquired in early 2008. Claiming widespread deployment on set-tops, PCs, smart phones and media players, Cloakware runs security code of whatever source through an "obfuscation engine," leveraging in addition what the company’s Director of Business Development Trevor Issac calls "security diversity."
The idea involves multiple iterations. "Each time you run it through that tool, what pops out is code that is functionally equivalent, but structurally different," Issac said.
Applying that practice 10 times on an installed base of 10 million set-top boxes, for instance, means that a compromised security code would only work on a million boxes. Moreover, quick renewal of the software would render that target unattainable as well. The upshot is a lot more resources needed to reverse engineer a set-top’s CA.
"You’ve broken the hacker business model," Issac said.
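As an added illustration (not Cloakware's engine and not code from this article), the following Python toy models the diversity argument above: ten functionally equivalent builds of one entitlement check, each with a seed-dependent memory layout, and a fleet spread across them so that one reverse-engineered build exposes only its own share of boxes until a renewal reassigns every box. The key, message and box IDs are constructed values.

```python
import hashlib
import hmac
import random

def make_tag(key: bytes, msg: bytes) -> bytes:
    # Constructed stand-in for the CA "security code": a keyed tag over an
    # entitlement message. Real CA logic is far richer than this.
    return hmac.new(key, msg, hashlib.sha256).digest()[:8]

def reference_check(key: bytes, msg: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(make_tag(key, msg), tag)

def build_variant(key: bytes, seed: int):
    """Return (stored_blob, check) for one diversified build. Toy scheme, not
    Cloakware's engine: the key is held as a random mask plus a masked copy,
    both byte-permuted by a seed-derived permutation, so every variant has a
    different in-memory layout but identical behaviour."""
    rng = random.Random(seed)
    n = len(key)
    mask = bytes(rng.randrange(256) for _ in range(n))
    masked = bytes(k ^ m for k, m in zip(key, mask))
    perm = list(range(n))
    rng.shuffle(perm)
    inv = [perm.index(i) for i in range(n)]  # undoes the permutation
    blob = bytes(mask[i] for i in perm) + bytes(masked[i] for i in perm)

    def check(msg: bytes, tag: bytes) -> bool:
        k = bytes(blob[inv[i]] ^ blob[n + inv[i]] for i in range(n))
        return reference_check(k, msg, tag)
    return blob, check

def assign_variant(box_id: int, generation: int, n_variants: int) -> int:
    """Spread the installed base across variants; a software renewal bumps
    `generation`, moving every box onto a freshly built variant."""
    h = hashlib.sha256(f"{generation}:{box_id}".encode()).digest()
    return int.from_bytes(h[:4], "big") % n_variants

def exposed_boxes(box_ids, generation: int, n_variants: int, broken: int) -> int:
    """Boxes running the one variant whose build has been reverse engineered."""
    return sum(1 for b in box_ids
               if assign_variant(b, generation, n_variants) == broken)

if __name__ == "__main__":
    key, msg = b"constructed-demo-key", b"entitle:channel=42"  # constructed
    tag = make_tag(key, msg)
    variants = [build_variant(key, seed) for seed in range(10)]
    print("all variants agree:", all(chk(msg, tag) for _, chk in variants))
    print("distinct layouts:", len({blob for blob, _ in variants}))
    print("exposed if variant 3 is broken:", exposed_boxes(range(10_000), 1, 10, 3))
```

With ten variants the exposed share is roughly a tenth of the fleet, and running the same query with a new generation number shows the broken build mapping to a different, freshly built set of boxes.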
The technique is equally applicable to the PC. "Most of the MSOs today are looking at home networking," said Irdeto’s Costin. "And when they are looking at home networking, they are looking at DTCP/IP (digital transmission content protection over Internet protocol)."
CableLabs approved DTCP/IP in August 2007 for digital cable products. "Actually, (it’s) a pretty good code," Costin said, "but it’s not prepared to run unprotected."
Does this overall approach effectively fit the bill of downloadable security? "If you have standard obfuscation technology to be applied to anybody’s CA code, so it can be downloaded with open flash and RAM, you’ve got a new DCAS," said Costin.
– Jonathan Tombes
Read more news and analysis on Communications Technology’s Web site at www.cable360.net/ct/news/.