TY - GEN
T1 - JavaCard-based two-level user key management for IP conditional access systems
AU - Moon, Jinyoung
AU - Park, Jongyoul
AU - Paik, Euihyun
PY - 2007
Y1 - 2007
N2 - To prohibit the unauthorized accesses on premium contents of the Pay-TV system, a Conditional Access System (CAS) scrambles the contents with a scrambling key. In order to securely send the scrambling key for descrambling, the CAS transmits the scrambling key after encrypting it with another encryption key. The encryption keys are generally transmitted by Entitlement Management Message (EMM). In this paper, we propose a two-level user key management scheme for the IP CAS used in the IPTV system. A user key for every subscriber is subdivided into permanent Subscriber Key (SK) and updatable User Key (UK). The SK is used to obtain the UK by an authentication protocol. According to the authentication protocol, the authentication server requests the results of cryptographic operations to the authentication client to verify the authentication client. The UK is used to encrypt the next encryption key. The proposed scheme strengthens the security of the IP CAS because the use of the UK for the EMMs enables the lifetime of the SK to be infinite and the replacement of the smartcard to be eliminated. In addition, the IP CAS adopts Java card instead of Smart card because Java card applets are able to be dynamically reloaded.
AB - To prohibit the unauthorized accesses on premium contents of the Pay-TV system, a Conditional Access System (CAS) scrambles the contents with a scrambling key. In order to securely send the scrambling key for descrambling, the CAS transmits the scrambling key after encrypting it with another encryption key. The encryption keys are generally transmitted by Entitlement Management Message (EMM). In this paper, we propose a two-level user key management scheme for the IP CAS used in the IPTV system. A user key for every subscriber is subdivided into permanent Subscriber Key (SK) and updatable User Key (UK). The SK is used to obtain the UK by an authentication protocol. According to the authentication protocol, the authentication server requests the results of cryptographic operations to the authentication client to verify the authentication client. The UK is used to encrypt the next encryption key. The proposed scheme strengthens the security of the IP CAS because the use of the UK for the EMMs enables the lifetime of the SK to be infinite and the replacement of the smartcard to be eliminated. In addition, the IP CAS adopts Java card instead of Smart card because Java card applets are able to be dynamically reloaded.
UR - https://www.scopus.com/pages/publications/48149102890
U2 - 10.1109/ICON.2007.4444064
DO - 10.1109/ICON.2007.4444064
M3 - Conference contribution
AN - SCOPUS:48149102890
SN - 1424412307
SN - 9781424412303
T3 - ICON 2007 - Proceedings of the 2007 15th IEEE International Conference on Networks
SP - 72
EP - 76
BT - ICON 2007 - Proceedings of the 2007 15th IEEE International Conference on Networks
T2 - 15th IEEE International Conference on Networks, ICON 2007
Y2 - 19 November 2007 through 21 November 2007
ER -