Implementing a secure cardless set-top box

The pay TV security paradigm has evolved considerably over the years. Since the 1990s, set-top boxes (STBs) have been secured by Conditional Access System (CAS) smart cards. Although early smart cards offered operators basic levels of content protection against unauthorized viewers, such security measures were ultimately insufficient to guard against increasingly sophisticated methods of attack.

Consequently, operators and criminal hackers were locked in a digital game of “cat and mouse” for many years, with operators losing millions of dollars of subscriber revenue to pirates. Smart card attacks forced operators to replace tens or hundreds of thousands of smart cards each time a major breach was discovered, a costly event that occurred with alarming frequency. To make matters worse, operators were often unable to secure and update all units in the field. With each improvement to smart card security, pirates increasingly turned to advanced techniques such as side-channel attacks, forcing smart card manufacturers to employ new countermeasures.

By 2010, smart cards had become more resistant to these types of attacks. As such, pirates shifted their focus to exploiting critical vulnerabilities in the interface between the smart card and the set-top box, prompting the use of pairing keys and other techniques to help mitigate such attacks. Nevertheless, the smart card remains inherently vulnerable, as it is still a disparate device that is physically separated from the set-top box chipset where content is decrypted.

In recent years, attackers realized that the set-top box chipset itself could be compromised directly with side-channel attack techniques, which further limits the value provided by the smart card. Unsurprisingly, vectors of attack against the pay TV sector are still quite numerous. While chipset security has improved, the need to incorporate more robust hardware security and enhanced capabilities directly into the SoC has only grown.

More specifically, cardless CAS set-top boxes equipped with hardware security cores offer a robust alternative to smart cards and have been adopted by major operators because they provide CAS/DRM independence, among many other benefits. A hardware security core, such as the CryptoMedia Content Protection Core offered as part of the Rambus CryptoMedia Platform, gives operators robust security through embedded, integrated hardware that reduces the number of potential attack vectors. Finally, eliminating the smart card also significantly reduces costs, enabling the expansion of premium services into low-cost markets.
