Crazy, Ohms or someone that is smart...
seaboard18
06-17-2006, 03:59 AM
Crazy,
Can you post some info on exactly how the control word works. How is it calculated? How it gives authorization? How is it reconciled? :confused:
Seaboard, I emailed you some info. I'll paste it in here in a few for others to see too.
This is straight from the patent. I didn’t know the answer and had to go find it. I know a lot about binary and IP, but I don’t know shit about assembly language like the real stars of this hobby do. My job is very technical, so the concepts are easy for me. However…….The devil is in the details right? ;)
I don't know if this applies to all CAMs, but it is probably pretty close.
____________________________________________________________________________________________________
The authorization key may be used to directly control the encryption/decryption of the data stream. It is however preferred to add one or more security layers to ensure that a malicious user (that’s us) does not retrieve the authorization key sent from the decryptor to the descrambler and supplies the key to descramblers of other receivers. In such systems, the key used for scrambling/descrambling the data is changed frequently (e.g. once every 10 seconds). This key is usually referred to as the content key. The content key itself is also transmitted (usually broadcast) to all receivers in an encrypted form (referred to as control word), using the authorization key to control the encryption. In this scenario, the authorization key directly controls the decryption of the control word, and indirectly the descrambling of the data. The decryption of the control word also takes place in the secure module of the receiver. Decryption of a control word takes a considerable amount of time, for example 300 to 600 msecs.
A broadcast receiver includes a tuner/de-multiplexer for selectively tuning into at least one of a plurality of broadcast digital transport streams, and de-multiplex the tuned transport stream into a plurality of parallel de-multiplexed data streams in order to selectively provide at least one of de-multiplexed data streams. A de-multiplexed data stream may be scrambled under control of a time-varying content key. The tuner/de-multiplexer extracts from the tuned transport stream for at least two scrambled de-multiplexed data streams a respective control word stream. Each control word represents an encrypted content key. A controller supplies control words from the control word streams to the decryptor. The decryptor decrypts the control words and supplies the corresponding content keys to the controller. The controller forms for each control word stream a corresponding content key stream and stores for each content key stream at least a latest content key in a memory. The controller provides for a selected de-multiplexed data stream the corresponding content keys from the memory to a descrambler to enable the descrambler to descramble the data stream.
____________________________________________________________________________________________________
Pretty cool huh? Isn't this hobby great?
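A small model of the key hierarchy in the quoted patent text, added here as an illustration and not part of the original post or the patent: a secure module decrypts control words with the authorization key, and a controller keeps the latest content key per stream so a stream switch needs no new decryption. `toy_cipher`, the class names and the sample payloads are constructed for this example; the cipher is a stand-in, not the one any real system uses.

```python
import hashlib
import os

def toy_cipher(key, nonce, data):
    """XOR with a SHAKE-256 keystream: a labelled stand-in, not a real CA cipher."""
    stream = hashlib.shake_256(key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

class SecureModule:
    """Decryptor: the only component that ever holds the authorization key."""
    def __init__(self, authorization_key):
        self._authorization_key = authorization_key
        self.decryptions = 0      # each one is the slow step (300 to 600 ms in the text)
    def decrypt_control_word(self, control_word):
        self.decryptions += 1
        return toy_cipher(self._authorization_key, *control_word)

class Controller:
    """Feeds control words to the decryptor and keeps the latest key per stream."""
    def __init__(self, module):
        self._module, self._latest_key = module, {}
    def on_control_word(self, stream_id, control_word):
        self._latest_key[stream_id] = self._module.decrypt_control_word(control_word)
    def descramble(self, stream_id, nonce, scrambled):
        return toy_cipher(self._latest_key[stream_id], nonce, scrambled)

def broadcast_period(authorization_key, payloads):
    """Constructed head-end: a fresh content key per stream for one key period."""
    sent = {}
    for stream_id, payload in payloads.items():
        content_key, cw_nonce, data_nonce = os.urandom(16), os.urandom(8), os.urandom(8)
        control_word = (cw_nonce, toy_cipher(authorization_key, cw_nonce, content_key))
        sent[stream_id] = (control_word, data_nonce, toy_cipher(content_key, data_nonce, payload))
    return sent

def demo():
    authorization_key = os.urandom(16)
    module = SecureModule(authorization_key)
    controller = Controller(module)
    first = broadcast_period(authorization_key, {"A": b"stream A period 1", "B": b"stream B period 1"})
    for stream_id, (control_word, _, _) in first.items():
        controller.on_control_word(stream_id, control_word)   # both streams, ahead of time
    switched = controller.descramble("B", *first["B"][1:])    # stream switch uses cached key
    switch_cost = module.decryptions - len(first)             # extra decryptions it needed
    second = broadcast_period(authorization_key, {"A": b"stream A period 2"})
    stale = controller.descramble("A", *second["A"][1:])      # period-1 key on period-2 data
    controller.on_control_word("A", second["A"][0])
    fresh = controller.descramble("A", *second["A"][1:])
    return switched, switch_cost, stale, fresh
```

The stale result shows why the content key is rotated: a key from one period does not descramble the next period's data until the new control word has passed through the secure module.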
seaboard18
06-17-2006, 08:18 AM
Ok, now that we are on the right track with this explanation, Crazy, would it be too much to ask of you to add in the actual code and disassemblies in between the plain English steps?
It would help a great deal and I could understand how to apply it much better. Your expert coding help is indeed needed.
The authorization key may be used to directly control the encryption/decryption of the data stream.
It is however preferred to add one or more security layers to ensure that a malicious user (that's us) does not retrieve the authorization key sent from the decryptor to the descrambler and supplies the key to descramblers of other receivers.
The key used for scrambling/descrambling the data is changed frequently (e.g. once every 10 seconds).
This key is usually referred to as the content key.
The content key itself is also transmitted (usually broadcast) to all receivers in an encrypted form (referred to as control word), using the authorization key to control the encryption.
In this scenario, the authorization key directly controls the decryption of the control word, and indirectly the descrambling of the data.
The decryption of the control word also takes place in the secure module of the receiver.
Decryption of a control word takes a considerable amount of time, for example 300 to 600 msecs.
A broadcast receiver includes a tuner/de-multiplexer for selectively tuning into at least one of a plurality of broadcast digital transport streams, and de-multiplex the tuned transport stream into a plurality of parallel de-multiplexed data streams in order to selectively provide at least one of de-multiplexed data streams.
A de-multiplexed data stream may be scrambled under control of a time-varying content key.
The tuner/de-multiplexer extracts from the tuned transport stream for at least two scrambled de-multiplexed data streams a respective control word stream.
Each control word represents an encrypted content key.
A controller supplies control words from the control word streams to the decryptor.
The decryptor decrypts the control words and supplies the corresponding content keys to the controller.
The controller forms for each control word stream a corresponding content key stream and stores for each content key stream at least a latest content key in a memory.
The controller provides for a selected de-multiplexed data stream the corresponding content keys from the memory to a descrambler to enable the descrambler to descramble the data stream.
Crazy1_79
06-17-2006, 08:00 PM
I am not completely sure how SK is figured, seaboard, and I am far from an expert coder! I wouldn't even consider myself a coder really. Anyway, for the DT08 it implements the cam id and the ird number; it also uses the ird number inverted. Once you have those it uses a bunch of shit I don't completely understand to get a really long string of code; it then hashes and xor's that (I believe) into your P and Q, but first it byteflops them. This then creates OA for the card, which it uses with other info in the receiver's tsop to create the 08 datatype that gives us tv on the older legacy receivers. I don't really know what all goes on here; this is the way I understand it, to the best of my recollection.
Crazy1_79
06-17-2006, 08:01 PM
I believe the stuff in the receiver tsop comes out of ram of the tsop, not the tsop. Sorry for the confusion.
seaboard18
06-18-2006, 02:26 AM
I believe the stuff in the receiver tsop comes out of ram of the tsop, not the tsop. Sorry for the confusion.
Ok Crazy, thanks for what you added. I sent Ohms some stuff about this to look at, but he is not a coder either. Neither am I, so all of this information is being used to try and understand how the control words actually work in this particular case. I have included the cmd 07 information so that you can look at it. I'm pretty sure that you understand more than me. Thanks to Doug Jones for this information. If you can add anything else to this please do so.
Doug Jones thinks that a TSOP hack would be more beneficial over time for testers. What do you think?
#Cmd.07
#Rom:101-102-S01
# Data RSP Cmd
#CMD # Length Length RSP # Length Type Description
#----- ------ ------ ----- ------ ----- ----------------------------------------------------
#07 00 Varies 87 02 N2 Entitlement Control Message
#####################################################################################################
This command is used to prime the card to return video decryption keys to
the IRD. Contained within this command's encrypted packets are information
pertaining to the program tier the user is attempting to view, the correct
audio and video decryption keys for the channel, current date and time, and so
forth. When a card receives a $1C command, it will re-encrypt the decryption
keys using the IRD's 8-byte key and return them to the IRD if it (the card)
believes that the program tier that the user is attempting to watch is one for
which they are authorized.
In addition to information about the program that the user is attempting to
watch, the $07 command contains information about the encryption method used,
how many encrypted video keys are present, and so forth.
Example of a $07 command and its response:
21 00 4D ; A0 CA 00 00 ;Standard header
47 ;Instruction length
07 ;Command
45 ;Command data length
01 01 ;System ID
86 00 ;key select?
88 ;values = 08 or 88
46 FE 13 E9 56 82 74 E1 ;Data Package #0
6A 25 B4 75 9A 11 {D3} B2 ;Data Package #1
{52 EC 50 6A} 5C 19 83 E7 ;Data Package #2
48 B4 65 4C A5 47 2F 84 ;Data Package #3
E6 C3 0B 16 A4 9A 4E AE ;Data Package #4
B7 01 41 0E E6 54 D8 2C ;Data Package #5
BC 9E 9B 5E 24 E6 48 CF ;Data Package #6
96 A9 E1 76 1A 2D F0 89 ;Data Package #7
02 ;Expected response length
4C ;Checksum
12 00 04 ; 87 ;Response code
00 ;Response data length
90 00 ;SW1/SW2: Successful completion
01 ;Checksum
Ready to send packet:
21 00 4D A0 CA 00 00 47 07 45 01 01 86 00 88 46 FE 13 E9 56 82 74 E1 6A 25 B4 75 9A 11 D3 B2 52 EC 50 6A 5C 19 83 E7 48 B4 65 4C A5 47 2F 84 E6 C3 0B 16 A4 9A 4E AE B7 01 41 0E E6 54 D8 2C BC 9E 9B 5E 24 E6 48 CF 96 A9 E1 76 1A 2D F0 89 02 4C
12 00 04 87 00 90 00 01
------------
#Cmd.1C
#Rom:101-102
# Data RSP Cmd
#CMD # Length Length RSP # Length Type Description
#----- ------ ------ ----- ------ ----- ----------------------------------------------------
#1C 02 08 9C 36 N2 Control Word Request (video decryption key request)
#####################################################################################################
This command is used by the IRD to request the decryption keys for the
channel to which the IRD is currently tuned. This command is a counterpart
to command $07. The decryption keys are sent from the IRD to the CAM in an
encrypted form that the IRD doesn't know how to decode along with information
that tells the CAM which channel the IRD is tuned to. If the CAM decides that
the user should be able to view the specified channel (ie., if there is a
valid subscription tier in the CAM for the specified channel), then when the
next $1C command is issued, the CAM will decrypt the data it was given in the
$07 command, re-encrypt it using a key and method known to the IRD, and send
the data back to the IRD, which will then decrypt the data and use it to
decrypt the video and audio data streams. A typical $1C packet and its
associated response would look like this:
21 00 08 ; A0 CA 00 00 ;Standard header
02 ;Instruction length
1C ;Command
00 ;Command data length
36 ;Expected response length
6B ;Checksum
12 00 38 ; 9C ;Response code
34 ;Response data length
00 08 ;Key Select "00 00" "00 08"
A1 23 D2 8F 0A 61 A5 04 ;Data #0
10 15 79 90 62 BC B3 2E ;Data #1
7B 93 00 70 44 5A 5A 81 ;Data #2
00 08 ;Key Select "00 00" "00 08"
A8 8C 59 E7 E4 A9 CC C1 ;Data #0
B9 F4 56 E5 9F 23 25 1F ;Data #1
D3 00 D0 BD B9 A8 FF ED ;Data #2
90 00 ;SW1/SW2: Successful completion
EA ;Checksum
Ready to Send packet:
21 00 08 A0 CA 00 00 02 1C 00 36 6B
12 00 38 9C 34 00 08 A1 23 D2 8F 0A 61 A5 04 10 15 79 90 62 BC B3 2E 7B 93 00 70 44 5A 5A 81 00 08 A8 8C 59 E7 E4 A9 CC C1 B9 F4 56 E5 9F 23 25 1F D3 00 D0 BD B9 A8 FF ED 90 00 EA
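The four blocks quoted above are internally consistent under one reading: three prefix bytes, a length-counted payload and a one-byte XOR checksum, which is the ISO 7816-3 T=1 block layout. The parser below is an added example, not part of the original post; the field names (`nad`, `pcb`, `inf`) and the command/response cross-checks are this example's assumptions, derived only from the bytes and annotations on this page.

```python
from functools import reduce
import operator

# Blocks copied from the post above (its "ready to send" lines).
CMD_07 = "21 00 4D A0 CA 00 00 47 07 45 01 01 86 00 88 46 FE 13 E9 56 82 74 E1 6A 25 B4 75 9A 11 D3 B2 52 EC 50 6A 5C 19 83 E7 48 B4 65 4C A5 47 2F 84 E6 C3 0B 16 A4 9A 4E AE B7 01 41 0E E6 54 D8 2C BC 9E 9B 5E 24 E6 48 CF 96 A9 E1 76 1A 2D F0 89 02 4C"
RSP_07 = "12 00 04 87 00 90 00 01"
CMD_1C = "21 00 08 A0 CA 00 00 02 1C 00 36 6B"
RSP_1C = "12 00 38 9C 34 00 08 A1 23 D2 8F 0A 61 A5 04 10 15 79 90 62 BC B3 2E 7B 93 00 70 44 5A 5A 81 00 08 A8 8C 59 E7 E4 A9 CC C1 B9 F4 56 E5 9F 23 25 1F D3 00 D0 BD B9 A8 FF ED 90 00 EA"

def parse_block(hex_text):
    """Split a block into prefix and payload, rejecting bad length or checksum."""
    raw = bytes.fromhex(hex_text)
    if len(raw) < 4 or len(raw) != raw[2] + 4:
        raise ValueError("length byte does not match block size")
    if reduce(operator.xor, raw[:-1], 0) != raw[-1]:
        raise ValueError("checksum mismatch")
    return {"nad": raw[0], "pcb": raw[1], "inf": raw[3:-1]}

def parse_command(hex_text):
    """Payload layout per the annotations: header, instr len, cmd, data len, data, rsp len."""
    inf = parse_block(hex_text)["inf"]
    if len(inf) < 8 or inf[4] != inf[6] + 2 or len(inf) != inf[6] + 8:
        raise ValueError("instruction and data lengths disagree")
    return {"header": inf[:4], "cmd": inf[5], "data": inf[7:-1], "expected_rsp_len": inf[-1]}

def parse_response(hex_text):
    """Payload layout per the annotations: response code, data len, data, SW1/SW2."""
    inf = parse_block(hex_text)["inf"]
    if len(inf) < 4 or len(inf) != inf[1] + 4:
        raise ValueError("response data length disagrees")
    return {"code": inf[0], "data": inf[2:-2], "sw": inf[-2:]}

def check_exchange(cmd_hex, rsp_hex):
    """Cross-check a command against its response using only fields shown on the page."""
    cmd, rsp = parse_command(cmd_hex), parse_response(rsp_hex)
    return {
        "cmd": cmd["cmd"],
        "code_matches": rsp["code"] == (cmd["cmd"] | 0x80),   # 07->87, 1C->9C in both samples
        "length_matches": cmd["expected_rsp_len"] == len(rsp["data"]) + 2,
        "status_ok": rsp["sw"] == b"\x90\x00",
        "cmd_data_len": len(cmd["data"]),
        "rsp_data_len": len(rsp["data"]),
    }
```

The XOR checksum only detects transmission errors; it is not an integrity or authenticity check on the block contents.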