Conditional Access Systems
What is CAS?
A Conditional Access System is the collection of security
components in the end-to-end pipeline of broadcast media,
from source headend equipment to client devices.
PayTV systems generate revenue by granting media content
rights exclusively to viewers who pay for them.
“Paid channels” or channels with premium content, which are not
Video-on-demand and movie-on-demand services.
In simple terms, all devices in the network can
theoretically get access to all the available (free-to-air and
encrypted) media content/streams. But only those devices
with specific keys can view the encrypted/protected
content. The secure management of these keys in the open
network is the prime responsibility of a CAS vendor.
Types of CAS in PayTV systems
Smartcard based solution
Smartcard contains proprietary security logic for decryption.
Proven and tested, and most widely accepted solution.
Recovery time after hacking is high, since cards need to be
Similar to the smartcard-based solution, but the device only
provides a slot for a CAM module, and any smartcard (meeting CAM
requirements) should be able to work.
More open standard, but poor adoption by market leaders.
Cardless or full-software solution
SoC level security features are used by software modules.
Relatively newer technology, cheaper and growing in
Recovery time after hacking is very low, hence discouraging
CAS for Broadcast Networks
The next few slides explain the end-to-end
management of secure content.
This is a very generalized and simplistic explanation
(intended for engineers with DVB background), and
not specific to any particular CAS vendor.
The basic concept would be similar for all Broadcast
CAS systems, with slight variations in the number of
levels for key encryption, key ladder logic,
encryption/scrambling algorithms used, etc.
Scrambling and Descrambling
Random key, from a Random Number Generator
@ Headend Mux
Can this key be sent to STB clients without encryption? Think about
Should it be the same for all users? Think about
How frequently should this key be changed? Think about brute-force
Why is CW shared?
CW-1 CW-2 CW-3 CW-4
impractical, so use
common CW per
Why is ECM shared?
Key-1 Key-2 Key-3 Key-4
impractical, so use
common ECM per
Millions of users. Will run short of PIDs.
Even if sent on same PID, the overhead to encrypt & send
so many million ECMs so frequently is too high.
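An added illustration (not from the original slides) of why one shared ECM per crypto period scales. It assumes a two-level key ladder in which a hypothetical service key wraps the CW and a per-device key wraps the service key, and it uses an HMAC-based stand-in for the real key-wrap cipher; all names, key sizes and the sample device population are constructed.

```python
import hashlib, hmac, os

def _mac(key, *parts):
    return hmac.new(key, b"|".join(parts), hashlib.sha256).digest()

def wrap(key, label, payload):
    """Stand-in key wrap, not a real CAS cipher: XOR with an HMAC pad plus a tag."""
    nonce = os.urandom(8)
    pad = _mac(key, b"pad", label, nonce)
    body = bytes(a ^ b for a, b in zip(payload, pad))  # payload <= 32 bytes
    return nonce + body + _mac(key, b"tag", label, nonce, body)[:8]

def unwrap(key, label, msg):
    """Return the payload, or None when the key is wrong (device not entitled)."""
    nonce, body, tag = msg[:8], msg[8:-8], msg[-8:]
    if not hmac.compare_digest(tag, _mac(key, b"tag", label, nonce, body)[:8]):
        return None
    pad = _mac(key, b"pad", label, nonce)
    return bytes(a ^ b for a, b in zip(body, pad))

def simulate(device_keys, subscribers, periods):
    """Broadcast `periods` crypto periods; return (ecms_sent, grants_sent, cws_recovered)."""
    service_key = os.urandom(16)  # assumed middle level of the key ladder
    # Per-device messages are needed only when the service key changes, not per CW.
    grants = {d: wrap(device_keys[d], b"grant", service_key) for d in subscribers}
    recovered = {d: 0 for d in device_keys}
    ecms_sent = 0
    for _ in range(periods):
        cw = os.urandom(8)                   # fresh random CW for this crypto period
        ecm = wrap(service_key, b"ecm", cw)  # one ECM, common to every device
        ecms_sent += 1
        for dev, dev_key in device_keys.items():  # all devices see the same ECM
            sk = unwrap(dev_key, b"grant", grants[dev]) if dev in grants else None
            if sk is not None and unwrap(sk, b"ecm", ecm) == cw:
                recovered[dev] += 1
    return ecms_sent, len(grants), recovered

if __name__ == "__main__":
    keys = {f"stb-{i}": os.urandom(16) for i in range(4)}  # constructed population
    ecms, grants, got = simulate(keys, ["stb-0", "stb-1", "stb-2"], periods=5)
    print(f"shared ECMs: {ecms}, per-device ECMs would be: {len(keys) * 5}")
    print(f"per-device grants: {grants}, CWs recovered: {got}")
```

The shared-ECM count grows only with the number of crypto periods, while a per-device ECM scheme would grow with devices times periods.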
End-to-end Key Handling (Headend)
[Diagram labels: from SoC/smartcard db; Common to all; Free-to-air service; Scrambled service; Scrambler; Common to all]