Sacred Cows and the New Pay-TV Marketplace
My compliments to Andrew Glasspool and his colleagues at Farncombe Technologies for two important, closely argued white papers published this year that are barometers of the changing times we live in.
Their most recent paper, published this week, on the Common Scrambling Algorithm (CSA) mandate that many pay-TV deployments must accommodate illustrates very succinctly how technical decisions that once were wholly supportable now hobble the transition of traditional pay-TV players to the new competitive world. My only misgiving here is for any sense in which the specifics of this issue might reflect on the reputation as a whole of the DVB. The guidance of the DVB and its contributors has been instrumental to organize and commercialize digital pay-TV around the globe, and continues to do so.
The timely critique of a single technical standard should only be a cause to celebrate open debate – and legacy CA players who rush to the defense of this particularly sacred cow should see it as such. Rather, like scientists who see a grand theory smashed on the rocks of experimental evidence, we should recognize that the changing landscape does require a new assessment of the relevance of certain standards and grasp the challenge that this brings.
You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
The threat from the single point of attack is very real, and burying the control word secrets deep in silicon in the end will not be enough; the control word protection schemes have other weaknesses.
However, the merrits of CSA are serious and should not be forgotten. Broad technology proliferation is very important and simulcrypt plays a crucial role in some markets to encourage competition. Interchangeability of CA systems has been proven to be very important. Those should not be called sacred cows per se.
Finally: all this has to be viewed in the light of the worst possible attack ever: (online) content redistribution. Which floodgate is bigger?
I think I would restate my view (and a central theme of the Farncombe paper that I was commenting on) that CSA has been and remains a valuable algorithm for revenue protection in traditional broadcast networks. But its central tenet of HW only implementation does not seem nearly as valuable in the new breed of networks that are IP oriented and fundamentally targeted at multiple device types.
So is it reasonable to continue to mandate this standard – and only this standard – as the landscape changes so dramatically? AES, as an example, is one family of alternate cryptographic algorithms that has proven to be equally robust and is at least as widely supported – in both SW and HW implementations.
We are also very keen supporters of Simulcrypt for many reasons, not least the one you state, but – to link this thought to your comment – AES and other scrambling algorithms can equally well be used at the core a practical Simulcrypt system deployment without compromise to the integrity of content security.