Figure: Example of a PAL video field scrambled by VideoCrypt I.

VideoCrypt is a cryptographic, smartcard-based conditional access television encryption system that scrambles analogue pay-TV signals. It was introduced in 1989 by News Datacom and was used initially by Sky TV and subsequently by several other broadcasters on the Astra satellites.

Versions

Three variants of the VideoCrypt system were deployed in Europe: VideoCrypt I for the UK and Irish market and VideoCrypt II for continental Europe. The third variant, VideoCrypt-S, was used on a short-lived BBC Select service. The VideoCrypt-S system differed from the typical VideoCrypt implementation as it used line shuffle scrambling.

- Sky NZ and Sky Fiji may use different versions of the VideoCrypt standard.
- Sky NZ used NICAM stereo for many years until abandoning it when the Sky DTH technology started replacing Sky UHF.

Operating principle

The system scrambles the picture using a technique known as Line Cut-and-Rotate. Each line that made up each picture (video frame) is cut at one of 256 possible "cut points", and the two halves of each line are swapped around for transmission. The series of cut points is determined by a pseudo-random sequence. Channels were decoded using a pseudorandom number generator (PRNG) sequence stored on a smart card (aka Viewing Card).
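
Line Cut-and-Rotate as a small Python model. This is an added example, not VideoCrypt code: random.Random stands in for the card's PRNG, the seed and the test picture are constructed, and all function names are hypothetical. It also measures how much the scrambling disturbs the similarity between vertically adjacent lines, the property the brute force section of this page refers to.

```python
import random

CUT_POINTS = 256  # per the text: each line has 256 possible cut points

def cut_sequence(seed, n_lines):
    """One cut point per line; random.Random stands in for the card's PRNG."""
    rng = random.Random(seed)
    return [rng.randrange(CUT_POINTS) for _ in range(n_lines)]

def rotate(line, k):
    """Cut the line at sample k and swap the two parts."""
    return line[k:] + line[:k]

def scramble(frame, seed):
    cuts = cut_sequence(seed, len(frame))
    return [rotate(ln, c * len(ln) // CUT_POINTS) for ln, c in zip(frame, cuts)]

def descramble(frame, seed):
    # Same seed -> same cut points; rotating by the remainder undoes the swap.
    cuts = cut_sequence(seed, len(frame))
    return [rotate(ln, len(ln) - c * len(ln) // CUT_POINTS)
            for ln, c in zip(frame, cuts)]

def line_mismatch(frame):
    """Sum of absolute differences between vertically adjacent samples."""
    return sum(abs(a - b) for up, down in zip(frame, frame[1:])
               for a, b in zip(up, down))

# Constructed test picture: 8 lines of 512 samples, a ramp shifted per line.
FRAME = [[x + y for x in range(512)] for y in range(8)]
SEED = 0x5EED  # constructed value standing in for the broadcast seed

if __name__ == "__main__":
    scrambled = scramble(FRAME, SEED)
    print("restored with right seed:", descramble(scrambled, SEED) == FRAME)
    print("restored with wrong seed:", descramble(scrambled, SEED + 1) == FRAME)
    print("mismatch clear/scrambled:",
          line_mismatch(FRAME), line_mismatch(scrambled))
```

The clear picture has a low adjacent-line mismatch and the scrambled one a much higher one; that statistical difference exists whether or not the seed is known.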
To decode a channel, the decoder would read the smart card to check whether the card is authorised for the specific channel. If not, a message would appear on screen. Otherwise the decoder seeds the card's PRNG with a seed transmitted with the video signal to generate the correct sequence of cut points.

The system also included a cryptographic element called the Fiat-Shamir Zero Knowledge Test. This element was a routine in the smartcard that would prove to the decoder that the card was indeed a genuine card. The basic model was that the decoder would present the card with a packet of data (the question), which the card would process and effectively return the result (the answer) to the decoder, proving that it was a genuine card without disclosing any critical information. If the decoder received the wrong result from the card, it was supposed to stop decoding the video. However, a technologically insecure implementation of this otherwise strong cryptographic element made it redundant.
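
The question-and-answer model described above, written out as the textbook Fiat-Shamir identification protocol in Python. This is an added example and not VideoCrypt's card routine: the toy modulus, the secret, the class and function names and the 20-round default are all constructed for illustration.

```python
import secrets
from math import gcd

# Toy parameters constructed for this example; real moduli are far larger.
P, Q = 2**31 - 1, 2**61 - 1          # two known Mersenne primes
N = P * Q                            # public modulus n
CARD_SECRET = 123456789              # s, held only by a genuine card
PUBLIC_V = pow(CARD_SECRET, 2, N)    # v = s^2 mod n, known to the decoder

class Card:
    """Prover. A genuine card holds s; a card built with s=None does not."""

    def __init__(self, s=None):
        self.s = s
        self.r = None

    def commit(self):
        # Fresh random r per round, coprime to n; send x = r^2 mod n.
        while True:
            self.r = secrets.randbelow(N - 2) + 2
            if gcd(self.r, N) == 1:
                return pow(self.r, 2, N)

    def respond(self, e):
        # Answer y = r * s^e mod n; s itself never leaves the card.
        s = self.s if self.s is not None else 1
        return (self.r * pow(s, e, N)) % N

def decoder_accepts(card, challenges=None, rounds=20):
    """Verifier. Fails closed: a single wrong answer rejects the card."""
    if challenges is None:
        challenges = [secrets.randbits(1) for _ in range(rounds)]
    for e in challenges:
        x = card.commit()             # card -> decoder: commitment
        y = card.respond(e)           # decoder -> card: e, card -> decoder: y
        if pow(y, 2, N) != (x * pow(PUBLIC_V, e, N)) % N:
            return False
    return True

if __name__ == "__main__":
    print("genuine card accepted:", decoder_accepts(Card(CARD_SECRET)))
    print("card without s accepted:", decoder_accepts(Card(), [0, 1, 1, 0]))
```

A card without the secret only satisfies rounds whose challenge bit is 0, so the check is worth something only when the challenges are unpredictable and the decoder actually stops decoding on a rejection.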
The VideoCrypt-S variant, used by the BBC Select service, was based on line shuffle scrambling. This form of video scrambling changes the order in which lines are transmitted; thus line 20 may be transmitted as line 32. The VideoCrypt-S variant used six blocks of forty-seven lines per field. It had three scrambling formats: full shuffle, in which 282 lines were affected; half shuffle, in which every alternate field was scrambled; and a line delay scramble, in which the start position of the video in each line was pseudo-randomly delayed.

Attacks

The VideoCrypt system was far from secure and a number of hacks were employed.

Card attacks

- Hackers discovered methods of preventing Sky from killing or deactivating their cards. The simplest of these attacks relied on the fact that Sky was using EPROM technology for its smartcards at the time. Thus by modifying the decoder to limit the write voltage to the card, it was possible to stop cards being turned off over the air. Another, known as the KENtucky Fried Chip attack relied on replacing the microcontroller that controlled the smartcard to decoder interface. This attack relied on blocking packets with the smartcard's identification number. The voltage based attack failed after Sky changed to smartcards that used EEPROM technology.
- Commercial pirates completely reverse engineered the Sky smartcard, removed the access control routines and created working pirate smartcards using different microcontroller types (typically the PIC16C84) to that used by Sky.
- Hackers also discovered (after the commercial pirate code became public) ways of switching on "dead" cards using a computer and smartcard interface by sending a properly formatted and addressed activation packet to the card. Variations on this attack also allowed existing subscriber cards to be upgraded to more expensive subscription packages. This attack was known as the "Phoenix Hack" after the mythical bird that could bring itself back to life.

Datastream attacks

- Other successful hacks involved sampling the datastream between the card and the decoder. For example, one could record a movie and store the decoder information so that people could then use it to decode the same movie that they recorded earlier with a decoder and "dummy" card (the dummy smartcard was an interface that received the synchronised decryption seeds from a computer). The attack was known as the Delayed Data Transfer hack, and it worked because the conditional access data (decoder addressing and encrypted keys) were on the video lines that are recorded by normal VCRs, and the data rate, unlike that of Teletext, was slow enough to allow the data to be recorded with the encrypted video.

Decoder card datastream attacks

- The most successful hack on the VideoCrypt system is the "McCormac Hack" devised by John McCormac. This attack involved broadcasting the decryption keys from the decoder-card data live so that other decoders could use it to watch the encrypted channels, effectively sharing a card with several decoders. This particular attack is extremely dangerous if the internet is used to redistribute the decryption keys, since a single card can be used, virtually, in a multitude of decoders. Card Sharing is an implementation of the McCormac Hack.

Brute force

- As desktop computing power increased, such a simple system was always inherently vulnerable to brute force 'image-processing' attacks.
- Even without any information at all about the cutpoint sequence, adjacent lines in a picture can be 'correlated' to find the best match, and the picture reconstructed.
- The brute force method will not work for all pictures, but is an interesting proof-of-concept.
- Markus Kuhn's Antisky.c program from 1994 is an early example of such an attack.
- More recently it has been shown that, using detailed knowledge of the way colour is transmitted in analogue TV systems, 'perfect' reconstruction could be achieved for many scenes.
- Cheap PC TV cards (~£40) with particular chipsets (e.g. Brooktree) were capable of descrambling the image in near real time (sound was delayed to match). This was made possible with software such as MoreTV or hVCPlus and a reasonably fast PC. The picture quality was on par with an old VHS videotape, with some colour distortion depending on PC performance.

These issues became far less of a problem when Sky introduced Sky Digital, which uses the VideoGuard system, which so far has not been beaten, although the analog UHF option is still available.