[net.ham-radio] Satellite Scrambling Rumor

mbpine@drutx.UUCP (Mick Beilman) (01/17/86)

     I heard a vicious rumor today that one of the
radio channels on one of the satellites offered a 
$10,000.00 reward to anyone who could break the new 
Cypher-2 scrambling now in use by HBO.
     Someone has evidently collected the money
with his version using common Radio Schaack parts 
worth only $12.00.
     Has anyone else heard this rumor?  Does anyone
have any information on how this system actually
works?

die@hydra.UUCP (Dave Emery) (01/21/86)

	HBO is using a scrambling device developed by M/A-COM Linkabit
called the VideoCipher II.   It basically denies unauthorized access to
HBO satellite feeds by digitally scrambling the audio using a DES
generated key stream, and makes watching the video more difficult by
inverting it and removing all synchronizing pulses.

		The Picture

	Recovering video from a Videocipher enciphered satellite transmission
requires little more than a source of sync genlocked to the basic horizontal
and vertical scanning rates of the HBO transmission.  As the 3.58 MHz color
burst is still present (though not at the same DC level), obtaining a
timing reference based on locking to the color burst is still quite possible.

	Once one has a source of timing (a clock slaved to the transmitter
clock) recovering correct sync phase can be handled by hand (i.e. push a button
or turn a knob until the picture is right) or automatically by looking for
the digital data which is substituted for the sync.

	Adding the sync to the picture and inverting the video requires
some very simple analog circuitry.

	The job of generating sync from an oscillator slaved to the
color burst can be easily handled by one of several sync generator ICs.
The required circuitry to recover a picture from a VideoCipher II
transmission is not excessively complex and might well have been built
for a few dollars from Radio Schlock parts.

		The Problem

	This is all fine if all one wishes to see is silent movies.  But
most people want to hear the movie as well as see it.  And the sound
is transmitted under DES encryption.  There is no published method
of breaking DES.  M/A-COM estimates that it would take "large" computational
resources "uneconomic to apply to the problem" to determine the keys
that are used, which are changed tens of times a second.

	The system encodes its audio (in a 14 bit format similar to but
not identical to that used on CDs), authorization information, and
some extra bit stream capacity that may in the future be used
for delivery of data services directly to satellite equipped homes
as a 4 level pulse amplitude modulated bit stream that occupies the
time interval that the horizontal and vertical sync occupy in a standard
TV picture.

	In addition to the two stereo audio channels, this bit stream
includes authorization information addressed to a specific decoder box
that contains a 56 bit (DES remember) bit map authorizing the user to
receive one or more of 56 different service packages.  A particular show is
transmitted with a similar bit map that identifies which service 
packages it belongs in.

	The actual DES keys used to encipher the audio stream are transmitted
under a higher level key every few frames of video.  That key in turn is
transmitted under a per-show key, and that key is transmitted under a
per-service key.  And the per-service key is sent to the user under a
per-user decoder box key and changed once a month or so.
So rather than have one fixed key that enciphers the
whole bit stream for hours or days at a time, the actual keys that are
used to encipher repetitive patterned data such as the sound are randomly
chosen and frequently changed.

	M/A-COM keeps the keys secure by building the entire decrypting
process into one large VLSI chip which never puts out a key on any
of its pins.  So obtaining the keys requires microprobing the chip
(which clever metalization may well make impossible).  Interestingly,
they recognized the problems that could be caused by theft of a list
of decoder box keys, so each decoder box has a number of different
individual keys burned into it so that if one list is lost, they can
simply switch to another.

 
		The Result

	It seems inconceivable to me that anyone has broken an
apparently well thought out DES based audio encryption system with
$12 of Radio Shack parts.  I have never heard any information that
would suggest that HBO built in a back door method of recovering audio
such as an analog modulated subcarrier (similar to the normal method
of transmitting audio on a satellite) so I suspect that all the
person involved did was recover a watchable picture without sound
which isn't very hard to do and is clearly not worth $10000.


		VideoCipher I

	Originally M/A-COM developed the Videocipher I which was a
substantially more complex and expensive device intended for use
only by cable companies.  It used DES pseudo-random address sequences
to read individual chunks of video (portions of a line) out of 
a digital frame store.  When it became obvious that a device was needed
that could be sold to home viewers for a reasonable amount of money
and work well with poor downlink receivers and poor signals it became
clear that the VideoCipher I was excessive.

	The VideoCipher I has been revived, however, to encipher CBS
backhauls from remote studios and sports events back to CBS headquarters.
I understand that CBS feels that other networks were pirating news stories
by watching CBS feeds.  I have not heard whether they intend to encipher
all the feeds to their stations, but I doubt very much if they will get
away with denying rural areas access to CBS programming so they will no
doubt keep one open.  


		B-MAC

	The other satellite TV scrambling system currently being marketed
aggressively is B-MAC sold by Scientific Atlanta which also uses DES encoded
audio (or something similar to DES).  It, however, also uses DES to dither
(delay by pseudo-random amount) the video and does not transmit the
video in a normal NTSC format (rather it transmits the luma and
two color components as separate pulses at a substantially higher
effective scan rate and uses CCD or digital line store devices
to combine them back into an NTSC color picture).  As a result, B-MAC
encoded video is much much harder to recover a watchable picture from.

	B-MAC is scheduled to be used to encode the Holiday Inn Hi-Net
6 channel Ku band movie service (one channel of which may be HBO).  Scientific
Atlanta would love to be able to sell their scrambling system to
the C-band cable system signal providers but M/A-COM got a head start with
HBO and is strenuously arguing that TVRO users don't want to have
to buy two $300 descrambler boxes.  However the fact that the video
isn't very secure with the M/A-COM system has been an issue and that
may be why there has been some publicity about the subject.


		The MDS Loophole

	HBO transmits unenciphered video on so called multipoint
distribution systems (2150 MHz) in more than 300 different metropolitan
areas throughout the country.  The modulation used is standard vestigial
sideband AM with FM sound.  All that is required to pirate HBO from
such signals is a downconverter that converts the 2.15 GHz to channel
3.  Such downconverters used to be quite widely advertised for
"Ham-TV" because a radio amateur band is nearby (2304 MHz).

	Reception of MDS signals for the purpose of illegally obtaining HBO
service has been found to be a violation of the Communications Act of 1934 in
a recent Supreme Court decision.  And of course the infamous "Electronic
Communications Privacy Act of 1986" which is moving through Congress
may make any reception whatsoever of unauthorized signals whether out of idle
curiosity or fraudulent intent a serious federal felony equivalent to
the present crime of wiretapping.

	It is however amusing to note that 3 different networks I watched
on the night HBO started full time scrambling all showed pictures of
MDS antennas along with regular satellite dishes.  The voice over
said nothing about MDS but the tape clearly showed pictures of MDS
antennas on all the network stories I watched.  I suspect this was 
a quiet and clever comment by the technical folk who shot the tape
about the MDS loophole, as I doubt there are many broadcast technicians
who can't tell the difference between an MDS antenna and a satellite
dish.

	In any case it is probably true that nearly as many if not
more people pirate HBO from MDS links with equipment that sold for
as little as $59 as those who used $3000 home TVRO's principally to
cheat HBO of its monthly subscription fee.


          David I. Emery    Charles River Data Systems   617-626-1102
          983 Concord St., Framingham, MA 01701.
	  uucp: decvax!frog!die
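
[Added example, not part of Dave Emery's post and not M/A-COM's design: a Python model of the tiered key distribution and 56-bit package bitmap the post describes. The XOR/HMAC key wrap stands in for DES, and the ladder labels, sample keys and the "any shared bit authorizes" rule are assumptions.]

```python
import hashlib
import hmac

# Ladder from the post, outermost first: per-service key, per-show key,
# the "higher level" key (labelled "group" here), then the audio key.
LADDER = ("service", "show", "group", "audio")
TIER_MASK = (1 << 56) - 1          # 56 service-package bits


def wrap(kek: bytes, key: bytes, label: str) -> bytes:
    """Stand-in key wrap (NOT DES): XOR with an HMAC-SHA256 pad."""
    pad = hmac.new(kek, label.encode(), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(key, pad))


unwrap = wrap                      # the XOR wrap is its own inverse


def headend_build(box_key: bytes, keys: dict) -> dict:
    """Encrypt each key under the one above it; top level under the box key."""
    messages, kek = {}, box_key
    for label in LADDER:
        messages[label] = wrap(kek, keys[label], label)
        kek = keys[label]
    return messages


def decoder_audio_key(box_key, box_tiers, program_tiers, messages):
    """Model of the decoder chip: tier check, then walk the ladder down."""
    if (box_tiers & program_tiers & TIER_MASK) == 0:
        return None                # assumed rule: one shared package bit
    key = box_key
    for label in LADDER:
        key = unwrap(key, messages[label], label)
    return key                     # intermediate keys never leave this function


if __name__ == "__main__":
    # Constructed sample keys and bitmaps, for illustration only.
    keys = {"service": b"SVCKEY01", "show": b"SHOWKEY1",
            "group": b"GRPKEY01", "audio": b"AUDKEY01"}
    msgs = headend_build(b"BOXKEY01", keys)
    print(decoder_audio_key(b"BOXKEY01", 0b101, 0b100, msgs))   # subscriber
    print(decoder_audio_key(b"BOXKEY01", 0b001, 0b100, msgs))   # wrong package
    rotated = headend_build(b"BOXKEY01", dict(keys, audio=b"AUDKEY02"))
    print([l for l in LADDER if rotated[l] != msgs[l]])         # only 'audio'
```

Rotating the audio key changes only the lowest message in the ladder, which is why the frequently changed key can be resent cheaply while the per-box message stays on its monthly schedule.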

dsi@unccvax.UUCP (01/22/86)

> 
> 	HBO is using a scrambling device developed by M/A-COM Linkabit
> called the VideoCipher II.   It basically denies unauthorized access to
> HBO satellite feeds by digitally scrambling the audio using a DES
> generated key stream, and makes watching the video more difficult by
> inverting it and removing all synchronizing pulses.

     'Tis true... Our VideoCipher II just came in yesterday, and I might
just add that it is a very sophisticated piece of equipment.

     First, the VideoCipher II is available in two models for "consumer"
use: one, which accepts raw (non-de-emphasized video) or composite video, and
the other, which allows looping through the 70 MHz IF signal from the
satellite receiver.  The version I had was the "looped through" version;
both the consumer/SMATV versions have an RF modulator for channel 3 or 4.
I believe that a wireless remote is available.

      However, the person who is selling me my AUTHORIZED FOR HBO VideoCipher
box (no flames) had it at home preauthorized, working fine, but when we
connected it to our antenna last night, it wouldn't work.  The help menu
wouldn't come up or *nuthin'*.  The VideoCipher box does depend on the
reception of a VideoCipher-encoded audio data stream before the functions
on the front panel would work; it may be that the Sat-Tec receiver we were
using was too "narrow" to recover the audio clock and data properly from
the synchronizing interval.

      That's where it was left, last night.  We are dropping back to punt,
and when I get the SA 6603 receiver on the dish (and verification that the
box is authorized) I'll post observations about the VideoCipher box to the
net.

David Anthony
DataSpan, Inc

mikey@techsup (01/25/86)

  The video portion is easy to bust, the sound is the problem.  
At least, that's what I've been told, I wouldn't know from personal
experience!

mikey