[Ffmpeg-devel] Re: HDTV, patents, DRM

Erik Slagter erik
Wed Mar 15 13:45:28 CET 2006

On Wed, 2006-03-15 at 03:25 +0000, M?ns Rullg?rd wrote:

> The keys are sent in the stream encrypted with one half of an
> public/private key pair, the other half of which is embedded inside
> the smartcard.  If you think cracking the private key is easier, go
> ahead.  Or maybe it's possible to glean something using a bus analyzer
> connected to some chips inside the STB.  Even so, it's difficult
> enough that *very* few people will do it.

I was under the impression that in general the transmitted keys (ECM
"code words") are handed to the smart card which first checks whether
you're actually allowed (EMM etc.), then applies some very secret
algorithm to it (possibly selectable/configurable by EMM card update)
which yields the key to actually decrypt the stream.

The hard part in this is that you don't know what goes on in the smart
card, although I've read of people scanning the card with X-rays and
reverse engineered the logic ;-). Attaching a bus scanner also seems to
work, some do it that way, but afaik most crackers simply get their data
from the raw ts stream. As almost any CAM system at least has been
cracked partly apparently it's quite hard to get it 100% right.

Anyway, if you're only goal is to get the video stream without DRM
restrictions a slightly modified STB would suffice (or use one using
open source software, there are a few).
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 2771 bytes
Desc: not available
URL: <http://lists.mplayerhq.hu/pipermail/ffmpeg-devel/attachments/20060315/c998366d/attachment.bin>

More information about the ffmpeg-devel mailing list